| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7, 100 PUP detected, Rechner extrem langsamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.09.2013, 12:35
| #1 |
 |  Windows 7, 100 PUP detected, Rechner extrem langsam Hallo, mein Rechner ist in letzter Zeit extrem langsam geworden. Außerdem häufen sich seltsame Vorkommnisse: - AntiVir macht bei Suchläufen keinerlei Funde. Allerdings ist es letzte Woche vorgekommen, dass plötzlich ein AntiVir-Fenster aufgegangen ist mit dem Hinweis, dass ein unerwünschtes Programm gefunden wurde. Dieses Fenster hat sich nach 3 Sekunden von selbst wieder geschlossen. Bei einem anschließenden Suchlauf hat AntiVir nichts gefunden. - Plötzlich ohne jegliche Eingabe öffnen sich zwei Fenster von Windows Explorer. - Neu geöffnete Tabs im Browser werden machmal einfach nicht geladen, obwohl eine Internetverbindung besteht. Oder es dauert mehrere Minuten bis eine Seite geladen wird. - Wenn ich eine Datei herunterladen will, passiert manchmal einfach gar nichts. - Heute war nach dem Neustart plötzlich AntiVir deaktiviert. Ich habe Malwarebytes installiert und es wurden 100 PUP Dateien gefunden. Ich weiß nicht, ob ich diese einfach löschen kann, bzw. was ich darüber hinaus unternehmen sollte. Ich möchte den Rechner ungern neu formatieren. Für Hilfe wäre ich total dankbar, da ich selber ratlos bin. Falls weitere Informationen erforderlich sind, weist mich bitte darauf hin. Vielen Dank für alles im Voraus! Hier das Log-File, das Malwarebytes erstellt hat: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.09.19.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 ITSC-admin :: WIWI-PC [administrator] 19.09.2013 10:07:29 MBAM-log-2013-09-19 (12-27-47).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 435245 Time elapsed: 1 hour(s), 47 minute(s), 57 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 36 HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> No action taken. HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> No action taken. HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken. HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> No action taken. HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> No action taken. HKCR\CLSID\{2A28729E-2280-4986-BDB4-EC2623EAFBA4} (PUP.FaceThemes) -> No action taken. HKCR\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> No action taken. HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> No action taken. HKCR\SelectionLinks.SelectionLinksBHO.1 (PUP.FaceThemes) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> No action taken. HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> No action taken. HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> No action taken. HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> No action taken. HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> No action taken. HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> No action taken. HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken. HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken. HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM) -> No action taken. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM) -> No action taken. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken. HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken. HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> No action taken. HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken. Registry Values Detected: 5 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Data: 1 -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Data: 1 -> No action taken. HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {77C8425B-E78B-11E1-937F-08EDB9DC3C20} -> No action taken. HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {77C8425B-E78B-11E1-937F-08EDB9DC3C20} -> No action taken. Registry Data Items Detected: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bad: (hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=2EBA8C705A6AC3D5) Good: (hxxp://www.google.com) -> No action taken. Folders Detected: 6 C:\Users\ITSC-admin\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj (PUP.Optional.MixiDJToolBar.A) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj\mixidj (PUP.Optional.MixiDJToolBar.A) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.4.1 (PUP.Optional.MixiDJToolBar.A) -> No action taken. Files Detected: 52 C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> No action taken. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\C0E30C88-BAB0-7891-9ED3-185BED3DCB14\Latest\MyBabylonTB.exe (PUP.Optional.MixiDJ.A) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\C0E30C88-BAB0-7891-9ED3-185BED3DCB14\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken. C:\Users\ITSC-admin\AppData\Local\Temp\is-JBD8L.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken. C:\Windows\Installer\1ebdb4e.msi (PUP.Optional.SweetIM) -> No action taken. C:\Windows\Installer\1ebdb53.msi (PUP.Optional.SweetIM) -> No action taken. C:\Windows\Installer\1ebdb58.msi (PUP.Optional.SweetIM) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\2787.ico (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\LinkuryInstaller.msi (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\LinkuryInstaller_p1v16.exe (PUP.Optional.OpenCandy) -> No action taken. C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> No action taken. (end) |
|
19.09.2013, 12:38
| #2 |
| /// Malwareteam   | Windows 7, 100 PUP detected, Rechner extrem langsam Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
19.09.2013, 12:50
| #3 |
| | Windows 7, 100 PUP detected, Rechner extrem langsamFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 13:45:40 Running from C:\Users\ITSC-admin\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe () c:\Windows\SysWOW64\srvany.exe (O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.) HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.) HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.) HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] () HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation) HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] () HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mixi Dj Search HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8 SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121136&babsrc=SP_ss&mntrId=2EBA8C705A6AC3D5 SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2 FireFox: ======== FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default FF user.js: detected! => C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\user.js FF DefaultSearchEngine: Google FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF SearchPlugin: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\searchplugins\mixidj.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\ITSC-admin\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG) R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.) R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.) R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.) S2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR) S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.) S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG) S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.) S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.) R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] () R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] () R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.) S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x] U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) S0 PBADRV; system32\DRIVERS\PBADRV.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST 2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe 2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira 2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe 2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip 2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip 2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip 2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss 2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls 2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx 2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier 2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk 2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier 2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip 2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden 2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe 2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam 2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs 2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs 2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini 2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum 2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50 2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView 2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView 2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe 2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS 2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3 2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6 2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata 2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon 2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe 2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3 2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta 2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe 2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750 2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip ==================== One Month Modified Files and Folders ======= 2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST 2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe 2013-09-19 13:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job 2013-09-19 13:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-19 12:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-19 12:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-19 12:54 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox 2013-09-19 12:51 - 2012-05-30 21:22 - 01254175 _____ C:\Windows\WindowsUpdate.log 2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira 2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-19 09:52 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2013-09-19 09:50 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox 2013-09-19 09:49 - 2010-11-21 05:47 - 00110526 _____ C:\Windows\PFRO.log 2013-09-19 09:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-19 09:49 - 2009-07-14 06:51 - 00092963 _____ C:\Windows\setupact.log 2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe 2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat 2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat 2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-18 18:45 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log 2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic 2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job 2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier 2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip 2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip 2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip 2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss 2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls 2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata 2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx 2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN 2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk 2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier 2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip 2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys 2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden 2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt 2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe 2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini 2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam 2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin 2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs 2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs 2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum 2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50 2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView 2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView 2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe 2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS 2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey 2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata 2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3 2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe 2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6 2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon 2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe 2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3 2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta 2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten 2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750 2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12 2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip Some content of TEMP: ==================== C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-16 13:05 ==================== End Of Log ============================ |
|
19.09.2013, 12:51
| #4 |
| | Windows 7, 100 PUP detected, Rechner extrem langsam FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 Ran by ITSC-admin at 2013-09-19 13:47:11 Running from C:\Users\ITSC-admin\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= ABBYY FineReader 11 (x32 Version: 11.11.136) AccelerometerP11 (x32 Version: 2.00.10.34) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8) Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112) Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft TotalMedia 3.5 (x32 Version: 3.5.28.291) Avira Free Antivirus (x32 Version: 13.0.0.4052) BioAPI Framework (Version: 1.0.2) Bonjour (Version: 3.0.0.10) CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.4822) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dell Client System Update (x32 Version: 1.3.0) Dell Data Protection | Access (x32 Version: 2.1.00001.002) Dell Edoc Viewer (Version: 1.0.0) Dell Feature Enhancement Pack (Version: 2.2.1) Dell Touchpad (Version: 7.1211.101.118) Dell Webcam Central (x32 Version: 1.40.54) DirectX 9 Runtime (x32 Version: 1.00.0000) Dropbox (HKCU Version: 2.0.22) eToken PKI Client 5.1 (Version: 5.1.32.0) Gemalto (Version: 01.64.01.0010) Google Chrome (HKCU Version: 29.0.1547.66) GRASS 6.4 (x32 Version: 6.4.3-1) Human Development Trends 2005 (x32 Version: 1.0.0) Intel PROSet Wireless Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Identity Protection Technology 1.2.27.0 (x32 Version: 1.2.27.0) Intel(R) Management Engine Components (x32 Version: 7.1.50.1172) Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0) Intel(R) Processor Graphics (x32 Version: 9.17.10.2867) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® PROSet/Wireless WiFi-Software (Version: 15.03.1000.1637) IrfanView (remove only) (x32 Version: 4.36) iTunes (Version: 11.0.4.4) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Junk Mail filter update (x32 Version: 15.4.3502.0922) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MediaMonkey 4.0 (x32 Version: 4.0) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Lync 2010 (Version: 4.0.7577.4398) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MiKTeX 2.9 (x32 Version: 2.9) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) NTRU TCG Software Stack (Version: 2.1.37) O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.23) Ox Console 6.21 (x32 Version: 6.21) OxEdit 6.20 (x32 Version: 6.20) PC-CCID (Version: 2.0.0) PDF Architect (x32 Version: 1.0.52.8917) PDFCreator (x32 Version: 1.7.1) PhotoShowExpress (x32 Version: 2.0.063) Rapport (x32 Version: 3.5.1302.61) RBVirtualFolder64Inst (Version: 1.00.0000) Revo Uninstaller 1.95 (x32 Version: 1.95) Roxio Activation Module (x32 Version: 1.0) Roxio BackOnTrack (x32 Version: 1.3.3) Roxio Burn (x32 Version: 1.8) Roxio Creator Starter (x32 Version: 1.0.439) Roxio Creator Starter (x32 Version: 12.1.77.0) Roxio Creator Starter (x32 Version: 5.0.0) Roxio Express Labeler 3 (x32 Version: 3.2.2) Roxio File Backup (Version: 1.3.2) Samsung SCX-3200 Series (x32) Scan Assistant (x32 Version: 1.01.014) ShellfireVPN 2.1 (x32 Version: 2.1) Skype™ 6.6 (x32 Version: 6.6.106) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0) SPBA 5.9 (Version: 5.9.4.6901) Stata 12 (x32 Version: 12.0) SweetIM for Messenger 3.6 (x32 Version: 3.6.0008) SweetPacks Toolbar for Internet Explorer 4.5 (x32 Version: 4.5.0000) swMSM (x32 Version: 12.0.0.1) TaskUnifier version 4.0.4 (Version: 4.0.4) Trusteer Endpunkt-Sicherheit (x32 Version: 3.5.1302.61) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update Manager for SweetPacks 1.0 (x32 Version: 1.0.0005) Upek Touchchip Fingerprint Reader (Version: 1.2.004) Wartung Samsung ML-191x 252x Series (x32) Wave Infrastructure Installer (Version: 07.67.17.0010) Wave Support Software Installer (Version: 05.13.00.033) WIDCOMM Bluetooth Software (Version: 6.3.0.7900) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinEdt 7 (x32 Version: 7.0) WinRAR Archivierer (x32) ==================== Restore Points ========================= 10-09-2013 08:06:04 Windows Update 12-09-2013 08:54:20 Installed Rapport 13-09-2013 08:20:51 Windows Update 13-09-2013 15:32:55 Windows Update 17-09-2013 12:02:58 Windows Update 19-09-2013 07:38:51 Installed Rapport ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {005AEE6E-8A5D-4D4B-82D5-75ECA4B4C382} - System32\Tasks\{A9B1B92F-536A-47C2-B16D-07C974B659F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {015024AA-5F79-45BB-87A0-5DCED61BA1C2} - System32\Tasks\{5A3390A4-6B64-4554-BFD5-62A570314F8E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {01749C34-2967-4441-AFE7-8C24EB1F1447} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.) Task: {026CE3C5-19C9-4CE9-A8BC-8CA5F2C5A580} - System32\Tasks\{4FAA841A-8786-484D-8ADD-41980B3316E5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {02880B2E-B0BC-4D0A-8B8F-19F4A9B02C12} - System32\Tasks\{04668423-F7D2-4CE2-8A08-BB069FEFE6E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0338FB40-2C37-45A9-A779-FD6C85117524} - System32\Tasks\{59845EB4-D2B8-41ED-B42A-192E6682A44F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {036909AE-4BB4-4E37-9DA2-11C52B1CA688} - System32\Tasks\{2A2BE8B9-6AE1-4250-A998-6B7F2AE1056A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {050100B7-3F7D-4190-AE3F-B9A248379AAF} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.) Task: {05F22277-8526-42F4-B3E5-F48835B53E1A} - System32\Tasks\{AC5721CF-45C9-4BF0-AECC-74ECC3DECA60} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {07328E6E-889A-4039-A146-E03A76A7F3F0} - System32\Tasks\{BED820AB-17F9-42EB-8D6B-148F10ADE241} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {07333285-9A95-4FFD-81CC-AA92BEDED981} - System32\Tasks\{130B7FD3-44CA-409E-89B9-74466BD20A49} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {08C11042-5D12-40A6-A3D0-1F867A714729} - System32\Tasks\{07AB4CF4-83B5-4036-B86E-F2D69A410294} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0A16B476-E459-44F1-AA20-FE5DBDFAEF58} - System32\Tasks\{DC4B4A1D-2607-4868-A23E-E0205868C114} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0A9178E6-2EB0-46E7-AD17-E38C17377A21} - System32\Tasks\{CE3D0930-06F1-478B-8AF6-7A6FC507871F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0EAD0346-EF22-4764-BCF9-FFDE35EDD3BE} - System32\Tasks\{5FC23388-EBD3-412E-9C88-858632E33F78} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0EC7ED5C-9AF6-4D82-A060-BF07C49F1F83} - System32\Tasks\{51858137-9D67-4446-B2B5-F36E4E70A6CC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0F17AD2B-EBBD-4401-8FE0-9C3BB81DAD9A} - System32\Tasks\{8629EA02-47CB-45A3-A63F-8856257ED941} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {104DE0BA-26C6-4707-A3E9-B6D3F7F53B09} - System32\Tasks\{B6FE76C1-0440-4D62-BF02-929A59510982} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {12CE0F1D-74AB-48B7-A856-E661AC1B79A1} - System32\Tasks\{969892A7-FE27-4BDF-92F0-05DD4B18BD77} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {14247D80-530F-415A-8935-9673A16F5B75} - System32\Tasks\{8C49591C-F444-4657-A576-DB412C3C1E35} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {142E031F-6FD4-43CC-B6E3-709CA4163817} - System32\Tasks\{636D1CBB-7D14-401E-94D4-4B3402BE6E8C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1450EABC-A8F0-4265-BE4C-6E8EB4F03C03} - System32\Tasks\{FF0F86B3-FDF7-4038-A9AD-690EF31787A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {14D36551-8F0C-4A76-A287-2F264D6FAE97} - System32\Tasks\{306045F4-15A2-4193-9D85-5A7679E757BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1581AFDE-EBE9-40D0-A5A8-6C5CB140B603} - System32\Tasks\{A6123024-A414-4C4C-A63D-5C32337C92BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {15C7E177-ECF4-486A-A1C5-FF6AD144E668} - System32\Tasks\{B32C9A79-B7C7-4A78-B1D3-ABD9CDBE2EEB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {15F14C5E-5140-4BBC-9BEA-837A3DD2E3EC} - System32\Tasks\{2881B208-FEBA-4E61-9186-05A76A2F9CD6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1649E61C-468E-42F7-AE0C-5F099949B34E} - System32\Tasks\{160DF44E-0678-49C9-A96A-EC7751A514A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {174D5D75-0B9D-479A-91DC-8CEFB679ED21} - System32\Tasks\{75CB99F5-0F0F-44E5-8FE1-309FBA89C9FA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {19808533-91A8-448C-A0AA-8B5E09316541} - System32\Tasks\{AF8525BF-3F7D-43F6-AC27-16ED853BFBCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {19C053CC-BE4F-4CE9-AE1A-D8767E575E70} - System32\Tasks\{385CA26C-643D-4954-810D-CE2588FC7335} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1CDF13D5-23AC-4553-A374-D1E587B511C8} - System32\Tasks\{1B683846-2581-4665-ABFA-F45E481C8AA4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1DDB2C02-C375-46D8-A647-6E15B179B4B4} - System32\Tasks\{E5C86269-469D-4545-A557-9927D97ED0D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1DF11739-519A-4062-8392-6181DF55BA83} - System32\Tasks\{2C498A89-DF0F-4668-87BA-F9469CB3019E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1ED76DA7-344E-414D-ACDF-B159F999CEB9} - System32\Tasks\{595B6E39-324D-4556-83D8-073E26CBC106} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1F7AF889-2119-4C09-9CD8-D02624F3F3E7} - System32\Tasks\{40A6113E-7EFE-4C2B-B643-08D231EB87DA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {24997C00-F292-43B3-B7BA-537BCCCA1DF2} - System32\Tasks\{6E3AF90D-2966-4965-A687-9F393245C9D2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {255CA25A-FEC7-4908-A1D4-EA53E401B943} - System32\Tasks\{FC1D94A1-B5A2-4A26-B684-66C765774C63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {26591D23-7A84-40A9-B265-99C5FB1A411F} - System32\Tasks\{750E2BF3-90E5-4666-8941-9F7146444501} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {285E2479-DE2C-439F-B962-BF10ECCFF5A8} - System32\Tasks\{E16205EE-27CB-44B6-9D89-A4A19822E75C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {28D3813D-86A7-4E7C-ABE9-2BC9D790BABE} - System32\Tasks\{C87042F2-1C0A-4BCD-8FFD-A5E78A8CDC0A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2A979C4B-7403-49B7-A691-A1DE31FCD054} - System32\Tasks\{899BD592-D6BC-4519-B87B-6A624CC63B23} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2B15A253-E0CA-48FD-BD9E-8880263D54DD} - System32\Tasks\{400099BF-4E75-4394-A771-9A8B0BCDCB2F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2BDD521C-35A4-4D9D-A77F-55D0F34F33F0} - System32\Tasks\{6C8FF71E-975B-486A-AB02-457D23CEEB71} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2DA9D7B0-2A1B-4569-BFD5-570ACE312EF2} - System32\Tasks\{340F1A04-5241-4239-A763-0C82CF80407B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2DEDF225-80BC-4C6A-85C8-C1163BCDE44D} - System32\Tasks\{DD8F23DA-FF10-4395-AEB5-E5DE5BCB42D5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2E2E3F8A-DF75-42E4-891D-890E2887C992} - System32\Tasks\{86077E23-7535-4C44-B32B-B6A1807B1948} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2E5FC8B1-4971-4A86-BE10-511318CE2849} - System32\Tasks\{98601FB3-F761-4A71-B6B5-26C22FA4E4AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2EA627AA-5355-4361-9D1F-AD6ED7E66E2A} - System32\Tasks\{68AAE252-5216-4FA0-853A-692D7B3AB3A3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2ECE967F-F36B-4F46-A021-100026DA1FF6} - System32\Tasks\{C5BBF483-0963-473C-B343-C0C0EB2F3B5D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2F1157F0-D94B-4EF6-9478-BEF0C5F74EA2} - System32\Tasks\{960940FF-3BBA-4425-A7B6-B4DBA6C6A21F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3180C604-4518-422D-8A64-686CE687472A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.) Task: {31A0C473-5AE7-4DF2-9CFD-97DEBFB30DEF} - System32\Tasks\{F49E45A4-6F9B-4519-B867-5980DA159470} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {32E48F2D-BCB3-403A-85A6-390E72AB21EF} - System32\Tasks\{018F199F-0D75-4051-99D1-379F6AD70FB1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3433873B-FF36-4B7D-A187-631FB49F89E8} - System32\Tasks\{5F266E29-9452-4D7A-925F-5E7089ABF9F5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {34FDA1A7-14D7-4EAF-9456-CFE91F05A9AF} - System32\Tasks\{68FA33F2-4A97-4A87-99AF-F8C4FCB1792D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {35B1CB99-4547-4D7C-BC8E-2AA6C08E4A6C} - System32\Tasks\{DD08DF7A-5746-4841-BA69-BA703F8D3EBB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {38BE195E-EA8C-42B3-B34B-53899ECBCA52} - System32\Tasks\{E319BCC3-2A8B-4EAC-9B63-59EBE6DF96C0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {39AD604F-F6F1-46B4-95C2-96755C64CB67} - System32\Tasks\{CB46DB64-A186-4B56-A432-93D8AFF47006} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {39C0DE5A-EFA2-4A9F-8E18-E53657B52A9E} - System32\Tasks\{88525340-408B-45B4-8CB4-14A1FF4719E0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {39DA44AB-6F42-4D15-BA8D-3C53E8022E97} - System32\Tasks\{B3CFCF36-DA84-434E-8541-1FC2A7D64A3A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3D88EDB9-18C8-4136-B11C-D0B0875E5B93} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {3DFE87AA-A152-4559-A15C-F71E6A1AA82E} - System32\Tasks\{8A323240-AD00-404D-936D-3035AB8E24F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3E682A7E-0A5E-41E1-9AA3-1537F0C28BF1} - System32\Tasks\{160ADD81-3E8F-497E-8C9D-25861C15950B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3EF1D85E-8A92-4236-9756-230616C1B837} - System32\Tasks\{53B867E7-25AD-4FC9-87E1-9F951D2949C4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3F66AFBD-5309-4751-9F02-6551057C0C03} - System32\Tasks\{2A06FB2C-6600-48D9-9025-85DE68343757} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {3FAFB89C-8147-4BED-918F-1DBEB4ADF101} - System32\Tasks\{8583B3DA-3BFD-4F84-9A50-8E12F7191A06} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {410F6AB4-D350-48EF-9004-267156AD82A7} - System32\Tasks\{FED28F1E-3329-47D2-8023-22D826E74FE9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4246DEB2-3151-40AB-BC36-1279773E4D86} - System32\Tasks\{A6B3346B-4773-4770-8DFA-3047BC56C676} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4466D6B7-5626-48F8-B9ED-B2416EDF6D51} - System32\Tasks\{F2C52E56-78A8-450E-9B2E-DBEAE418BFF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {46E29A8B-E47B-4DE7-B704-F31AC1DE22F9} - System32\Tasks\{9D8CC5E9-9761-4260-8154-7B7EF8F52972} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {488E3E08-CFD3-4C0B-976A-B87343E7E28C} - System32\Tasks\{482F0AE5-3E41-4E45-B40C-7CF51C19ABA9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {49024499-9A05-42B6-BC59-E161DA234D3A} - System32\Tasks\{65973C50-7CC8-45FC-851B-A5015E1C2F30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4A574060-6768-4AE7-8C86-7B3AF83054E0} - System32\Tasks\{E61CBCCF-AFB7-490B-BA80-654D00725509} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4AE5472D-1EDA-4610-AAFC-AB919801377D} - System32\Tasks\{ADC2F124-2718-4612-8062-296BB1A92463} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4B1EB119-5E5D-49DB-8077-258FC59C87CF} - System32\Tasks\{F9DB6019-FF0A-471D-9F58-24565B658C0E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4B2327FB-76D2-4D8B-9806-9FA08795F22B} - System32\Tasks\{C2D640E3-E1FE-41C4-9193-A18FB94AD3AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4B61E774-EBAB-4279-9D09-A5DDE9C31FC8} - System32\Tasks\{82132396-65B1-4AF9-BDE4-CCF76F761A9D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4BE708E8-8A09-4EF9-9043-C7AB0B9DAE6F} - System32\Tasks\{CA46650B-8ADB-4679-B016-88269A259457} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4BFCA185-DC5C-4E51-BFBE-9B089C6D6CC5} - System32\Tasks\{7E617687-48F7-4153-A6BE-26B99FF09404} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4C3E73D2-2692-482B-938B-EDF6BDBD2339} - System32\Tasks\{4C669355-9FD7-40FC-A3C4-4D23127E6B1F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4E239469-AC4E-4A57-BD93-E43920388ACB} - System32\Tasks\{F6B5BA36-8C82-4885-B55E-2B18831B2504} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4EC6E202-398D-4780-9758-15DB775542E6} - System32\Tasks\{3251BD37-9536-46B2-BC53-4702DE0051C2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4ECEBAB1-30EF-4085-9ADA-A8FD1B697E8C} - System32\Tasks\{09A8E8FD-41B9-41D6-95DF-81A165E1707A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {4F38201C-4F99-40FF-810A-BBA116757B7F} - System32\Tasks\{CE80B570-FE86-4F30-A65B-CB8F31EFE602} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {50277A97-F551-4BBA-B819-67BD05A920F7} - System32\Tasks\{FB58DE85-4A6D-415C-9731-88B2279C8BEA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51077676-1C64-46A3-A347-26962D74D002} - System32\Tasks\{95ED1C64-4E07-4C76-A94C-283D1482BD86} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51347246-B4B4-42B9-AC0D-2D4AB1DA1D51} - System32\Tasks\{1F6D645B-5801-4944-9C97-778AA22AD751} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51802504-9297-4B32-B9F8-753F66A13F60} - System32\Tasks\{5DEE8D04-1577-4054-8039-71E8706E3DA3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51D8F1AA-6D5E-4C0E-892A-69E54EB3D9C8} - System32\Tasks\{4F7456A9-077E-4E41-8DED-67E5DA0C09B9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {52A8D0DB-E62A-43C9-A3BB-9CB4FEB04B9E} - System32\Tasks\{B3D4141D-0BA7-4FA3-9BA5-DEFE2645C001} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {52C293A1-4D94-4CB4-B9D1-CA61BD06B8A8} - System32\Tasks\{42EF0C39-8A12-467A-9710-9FA6D8CE519F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {52ECB521-ACD9-4784-8B58-F87A84A5730B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {52F2847E-B647-433B-BFAF-43AD34BAF363} - System32\Tasks\{433CDF00-E291-4F1B-81FD-B47135ECB007} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {537DC987-E21C-4EA4-8E3C-5B4A52353561} - System32\Tasks\{5C72E3AF-1CC8-45EA-815B-88DD0E844A85} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {54B6CAAE-25A4-4499-82EC-3EBD7F60C886} - System32\Tasks\{7C3743F2-E6A1-41BE-9676-2269AF485FAD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5513A956-22EA-422E-9D58-934A477D42D3} - System32\Tasks\{2724022A-DF67-475D-9BEB-54A2F4464FB3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {560152F2-3BAC-4103-BC8F-D240E6711CC8} - System32\Tasks\{B0B51E99-914A-4CE0-AB8C-595E3C5ABEF6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {57C3C185-86F2-4AD3-B44E-FE6CC7A4D94A} - System32\Tasks\{F04028CD-AA51-4FB7-934C-6C799254EBAB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {598BA1E3-60CF-4EE6-9F87-91BE85C1208A} - System32\Tasks\{FBF7EC59-E592-42FE-BF9C-83AA1BD2FA19} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5A89A6BA-F7B6-478B-BD78-51F224A3B2AC} - System32\Tasks\{659F16D2-2E88-406B-B132-B0871C942A63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5A9C2DC0-31AD-4397-8F31-2D1DC6F25D8E} - System32\Tasks\{9D381B60-D257-4857-A154-28011490E921} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5AD27905-64F8-4490-8317-BE49F0ACF3D7} - System32\Tasks\{A33A22B1-499C-4138-9D9A-090450305A36} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5D70A1F6-D371-46F3-AAB4-2C91E654A1FD} - System32\Tasks\{68FF90AF-7F07-4D29-BE7F-77F8D12C9690} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5DB346A8-5564-4478-B48E-E1027D510348} - System32\Tasks\{88D638F8-7C24-4DE3-AAC4-F1A7E9E71010} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5DBE6198-4E95-49D1-B2CC-4A3FED3DE1EB} - System32\Tasks\{9A14039A-B7C0-4F10-AD0E-819CDF99C819} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5E33ABF9-EDD6-48A2-9738-58F810BA90CD} - System32\Tasks\{830A0F7E-BB8A-4B57-862C-B0B709010F98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5E46FE0C-22C7-4A65-A045-F40FC0DEA3B1} - System32\Tasks\{4F0B7B14-2098-4C2C-93D5-CC3E6814827C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5E83CC31-34F5-4A49-865D-59D5EF34478F} - System32\Tasks\{EF5A49C9-18E7-4A03-A58B-629DBA45FEF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5E8D4547-6935-4204-9CA0-AF3B4F65C801} - System32\Tasks\{BE4C352F-7FB9-4599-9FC5-740B7DFF11E7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5EB0F57E-7992-4BE8-BC92-9B9085026EAD} - System32\Tasks\{9FC71753-B8BE-4560-8EA0-AE5DEE40B523} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {61D8DBDC-AB86-46A4-980F-659E23E45C67} - System32\Tasks\{48042DF7-EFE2-463A-AFAD-BEED957A9725} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {623A1261-7EDC-47D5-820C-F7B9FB152C37} - System32\Tasks\{B353F365-7725-4766-8C56-208B9EF08C21} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {625B35C0-9AFC-4306-A6F0-C1B1985E6942} - System32\Tasks\{7A8CE0FE-F3CC-4C9E-94F7-13373EAD6C9E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {62FA6A74-1924-4856-A1B1-A833228B8345} - System32\Tasks\{8A400993-3C27-4F2E-8C7A-5C9958526F39} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {632320BC-B1B0-4FE8-917E-F644FEDA6F82} - System32\Tasks\{DCD970D1-9071-4D68-A0E5-B29177A19FF1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {648FD0B9-3CCE-4F86-9069-1A8E04DEC0EB} - System32\Tasks\{71AA1D48-B04B-42AA-8CB4-61CBDEFB45F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {652957D1-6163-4373-BF97-B26F6F8CBF2E} - System32\Tasks\{B772B577-2D90-4098-8E7F-765875F2EF69} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {665E69EA-AE8F-462F-9555-DD48F6630F16} - System32\Tasks\{81DB4995-551C-4C12-A7B5-30D0842E5059} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6689F38E-1659-44D2-B35A-49D0CFD4D595} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation) Task: {66AB035B-5EAC-48DF-BC4E-8949CF895991} - System32\Tasks\{1AB931A8-9512-448B-BF80-D1E18150D36D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {67255118-CC6B-40E0-A0AC-F669E214BA54} - System32\Tasks\{BDBEE770-4B87-458B-81B6-397537661832} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {68339A20-2EB9-47FF-98D4-3647D351A528} - System32\Tasks\{92C1F839-7A80-4E55-8DF1-D7D4C517765E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {68864B8C-A565-45C4-B8E0-66964FC4D62C} - System32\Tasks\{8E37B6A1-2037-4A2A-B505-9617F435AF07} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {691F3B74-203C-4727-8409-B9604E330BA8} - System32\Tasks\{A1721311-3DA6-4CB7-9A47-A620F27D9A04} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6C0AD24D-3E85-4039-AB90-FACDB9DCA7C7} - System32\Tasks\{2C20C044-D308-40E4-8514-54899DEAF3C6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6C24EF41-0D07-4167-9BEF-B30882E43410} - System32\Tasks\{3F470816-43F0-4686-BD8B-227B3A987FDB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6CEAE79E-5B94-4EC1-8EB2-69589F064EA4} - System32\Tasks\{DA8840F7-FE77-4779-8706-909FC0119A4F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6D07EE2D-087E-4FBA-B932-FE0D27E2BFEF} - System32\Tasks\{A3CE8D02-8CD7-4CCC-A790-0CF88AD13882} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6D10A716-C020-4123-A066-3A7A83DC53D5} - System32\Tasks\{B908917A-9AB9-4EA4-9BA7-2343E1FBC96A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {6EDC5F85-1065-481F-8367-F3857E45010A} - System32\Tasks\{387FBA8E-7B53-48DF-9893-201780567735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {73049B84-3289-4358-A3CE-34E878A6668C} - System32\Tasks\{C35D5A6B-B898-4D7D-BA85-558FB783286F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {73A4BA52-DB9D-499B-94F4-C3BA3891F77D} - System32\Tasks\{A8FFBB78-68E2-4969-B3AD-1C7B9CE9C474} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {73E73B97-B735-49D6-A8DD-5CE951F6AC51} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {74B45FF8-D4A2-4E98-9234-7EB8CB2A0E78} - System32\Tasks\{3BFD9D5A-BD6A-470B-9A1C-9AC7877E1595} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7542F68E-4488-4FF9-BEB1-148FA743E873} - System32\Tasks\{0F9BB44A-46AE-42EB-B3EF-5BF246E0CE0C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {75594D5E-20BF-4F82-9449-5686E7F4D12F} - System32\Tasks\{CDAF0B00-D68B-4728-B082-CF645E4F22E3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7582DD5B-C46D-45D1-AE2F-6B68E940AD7A} - System32\Tasks\{DE8799E5-07A4-4F3D-8421-47939F05211D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {75F48A3D-B453-4171-9EBD-C268A3298C2D} - System32\Tasks\{0B89FE38-6B3B-41C5-8F6A-5E87B701400D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {77A9F08E-12D2-4805-9557-5170D8191988} - System32\Tasks\{27304355-128F-4492-93BE-2C061FC538F8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7CFF5777-3F48-40FD-961C-F1CE96B78F63} - System32\Tasks\{D4AAB3D1-76BF-469B-B60D-9D952EEBE406} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7D774F5A-73C9-4DF4-BDC0-71DE00C795BB} - System32\Tasks\{BD4C83A1-67C7-45C9-B71F-5734E714769F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7E65F640-6940-42F5-BE6E-6C8CB2096367} - System32\Tasks\{86369DA6-59D1-45BA-BC9E-31CA00BAFB30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {80905757-6391-4420-A97B-C1D77CF563A4} - System32\Tasks\{373C42D2-8CF5-4C26-8F52-08B1EC695BB6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {81214259-7E01-4F87-9741-BC9D5A26F850} - System32\Tasks\{C27957E7-6A4C-4A64-BB83-AB50B3E5234D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {833FB715-08CE-466C-AA14-E9CFA43202CF} - System32\Tasks\{0BBD2CAE-D7D7-4AF8-ACE6-06244A9B7466} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {83996F49-CAFB-446A-81D0-A719E9CDFB27} - System32\Tasks\{860FA283-6E52-4979-83EB-BFF40DF2F736} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {88647F42-DE44-4E3B-B271-2D57B3F8FDED} - System32\Tasks\{036B820F-5DD9-4309-BBA5-37420D567FDA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8C09E6DE-C538-48EF-A537-5E426C142F68} - System32\Tasks\{4E4494D3-0AD9-46BF-B350-1FFA88B2CFC4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8C4EBB8B-9292-4A54-BD96-649055FE26DC} - System32\Tasks\{3724D6F9-1BF2-441E-B07B-E1B2F31855C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8D330FC4-590E-4F02-B116-322E62D68F0B} - System32\Tasks\{D414385A-AA03-40BA-B286-6F717B6F2B3D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8DA1F638-F122-4C60-82A6-E509152A907A} - System32\Tasks\{60EC127C-1048-4AF8-859A-B04A31BE31A4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8E95D5AF-93D8-4504-8A87-6B44A081E11F} - System32\Tasks\{E6784431-56CB-4A59-853B-D74260CBE4A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8EF807EC-33D6-444B-BB5D-1C43B8AC364D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated) Task: {8FBB5717-8BC0-456C-995D-758742BB268A} - System32\Tasks\{7D88ABB3-28C5-4FA8-B800-706FB5FEEC05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9155014A-F129-4A21-A576-81D4FFDF7090} - System32\Tasks\{8B60C5EE-D4D9-428C-A7FB-C62D3C6D42FE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {92CB4233-D316-47DB-BE75-6CD9A328C1C0} - System32\Tasks\{170CC0B9-728B-4EEF-BA28-B2BB561E2B16} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {92E504EB-4942-4B90-A94A-9D043A6BAF97} - System32\Tasks\{C61A91D5-21D7-452A-A774-F5FE53FA709A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {93283040-981A-4F1E-8EE5-6D8E5B32C980} - System32\Tasks\{716E24A5-3E93-4FD6-A9C7-4157B66643F0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {93902224-2493-4B72-B8CB-C1ED80035A41} - System32\Tasks\{A044B7E4-86CA-45EB-B3BD-33EF9D9A9856} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {940AAB5F-55CF-4B4D-AD3A-B62641B64C03} - System32\Tasks\{E79107E8-B35D-4456-B6F8-43EEE2F598FC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {94AB4083-1649-4F47-8B41-E5C4CD3D3595} - System32\Tasks\{4A71A548-C7BD-4DB2-AA72-9F026AD5051E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {94E410F2-999C-40CB-9F14-F735933EB426} - System32\Tasks\{DAD75026-C36A-4F55-8DEB-7D7F40F2EDE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {963E8D51-6778-4563-A370-2B5F466FDD7F} - System32\Tasks\{E4DDE6FE-3382-4379-93CC-E8605EC73911} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9673A99F-DDB9-4C1E-8970-AA4295449BCD} - System32\Tasks\{B248CFE7-3DD6-441A-8004-109987CE0C60} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {96BE3EFA-0F61-4303-83C1-D30F0B3C8D75} - System32\Tasks\{66363335-2396-4866-86D6-2B54E1086BCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {96DF2E4B-C692-42FD-9D2A-0530235E9906} - System32\Tasks\{89346FB4-642C-4C24-A945-C5B27A093232} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {996831F9-066D-4A18-AF6C-82E5AB23E6D8} - System32\Tasks\{ACC5D0BE-92F3-417E-B99A-ED81364B749C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9A042B7D-240D-4AA8-A43B-7D0F85831178} - System32\Tasks\{8D9CDF45-AE59-4D43-A16A-2123E32DA5C1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9AFF3EE6-D750-49A2-AB44-BD3D50BF12C9} - System32\Tasks\{7E065FFB-5CAB-4DDE-BE45-EE751D166F63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9BA7F418-E01D-4BAB-A843-7D26A9864F59} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9BFB20DD-CB10-4258-8C25-13F0478859D7} - System32\Tasks\{8CE63A35-4DAC-467A-917A-2CB1C60F25DC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9C520939-536F-4538-A19A-98EEFC451AD1} - System32\Tasks\{D8E10693-4DF4-4E0B-948F-CAEB4776D8F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9DEE02E8-7903-4495-BB73-9BC7494BBD83} - System32\Tasks\{8E5EFDF1-2BAA-48B1-A237-E4A8FD1A72E3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9E690A2E-C324-472E-9402-1FC3E2BA5D93} - System32\Tasks\{38C9450D-E575-478A-BCB8-D4BCDF3A6182} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9FD8CA23-AB15-4B5C-8FA7-2A96DC96A67E} - System32\Tasks\{84742227-F545-47C5-94DD-232CC281189B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A0254AFD-2675-4A52-81BD-E1736B92B7C7} - System32\Tasks\{C4127AE5-D4D2-43E2-A844-2ACDD88B3223} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A05D42FA-717C-4990-83ED-995642FA5942} - System32\Tasks\{F2544D39-A91C-4FA2-B737-D8F089283A0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A05E8F47-ED40-4251-B044-3F4C866EF5D3} - System32\Tasks\{199EB11F-50FE-4B2A-A515-DAF3C5D169BC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A0926389-031C-46BD-AAA1-74B425342289} - System32\Tasks\{1397C2F4-780E-49BE-8966-DF520CA566DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A0E0E5F0-DE88-49E9-8261-6558DC1B5DB2} - System32\Tasks\{17785D9B-0DF1-42CA-9D16-C587C0264C29} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A1E80A58-8821-4AEC-B488-2AA63E49D951} - System32\Tasks\{1EF7B0C3-30A9-4752-BA87-B706E72A9753} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A246E9C4-816C-4A8D-9BBA-96F09456B2F7} - System32\Tasks\{68DC2A47-90BC-4229-AD1F-EABCE2838782} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A2EA08F1-75A2-46F1-A26D-3BD43708EB63} - System32\Tasks\{581EAED6-227B-4106-9313-96DD5682F115} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A426426B-07DD-4B98-B3C1-8CC126AAB991} - System32\Tasks\{73E6AC45-9F3E-44D3-813E-0492AEBD27FF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A42E8FF8-A67E-4C21-8235-B2B8563FD45E} - System32\Tasks\{744687B2-8D9C-4504-A165-A91DF7AB7A61} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A8AF653E-55E3-4529-A265-67276AC84206} - System32\Tasks\{A7E46AEC-41EB-484B-94C5-721D6DDA06EF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {ABE78478-EAD1-4198-960D-91B10B9E35A7} - System32\Tasks\{FDD8A1CD-0435-4A64-8C42-19FDF6A76053} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AD5FFEB4-9C84-485B-B915-0347686C0B0E} - System32\Tasks\{AF529792-A315-43B8-8E4E-BBB390787BF6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {ADD27029-C043-42C1-AFE3-87EC5C9F6F71} - System32\Tasks\{4D73BEF0-B9E3-4D05-952A-6A82978936E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AE793A10-8D86-4460-BB9F-EAC9C0EAF883} - System32\Tasks\{78911022-6D07-4CBF-838A-2B3C804D8E67} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AEC4BE8E-D7B9-4E13-B9BF-3B02CF016B42} - System32\Tasks\{9BA2E579-48DB-40D4-887B-636628CA0835} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AF0E9644-58B3-40F8-B51D-5919C891024F} - System32\Tasks\{316FE744-0837-467A-A48D-071C0797018F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AFC7291B-E5D8-4393-BD54-504F2AF273CF} - System32\Tasks\{85C8F006-9C7C-43AD-9B28-CF830A0B73FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B20FF505-816C-43CA-B5E9-C1C8C0A9F070} - System32\Tasks\{2E016592-7DF5-4549-AA69-C22A81670A39} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B25F3EF3-1D63-4ACA-8DE9-954FFE6D8031} - System32\Tasks\{25E4E6AF-660D-41E0-B865-438C8CD21080} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B4A85DE0-6E68-4BDD-8EE8-CB6B56FB483A} - System32\Tasks\{0DBCFD56-B81E-481D-BFBC-E1C14E5C8D38} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B50E30C2-250E-4D54-9912-7A2609196C87} - System32\Tasks\{E87DBE03-6583-49CE-BFC0-EAC77041BBBC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B60D11F5-4970-48D1-9043-795DB9CB5A0C} - System32\Tasks\{0D6CD1BB-438A-415B-87BA-8F2A155A682A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B6594DA2-0F3E-4787-9A31-6BC73D778506} - System32\Tasks\{5A8E87E5-82A6-4608-9BAC-D1A45CA767A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B6719433-C064-49AF-B5BC-493A6D4E5996} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation) Task: {B80CD393-C3F5-48D8-8BA3-13212824C9B5} - System32\Tasks\{5D3CCEDC-022C-45E3-BF56-37359CE99331} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B84E96FE-5FFB-4F6C-AC9C-3098829AF5C3} - System32\Tasks\{3D3DD017-931C-4F08-9074-2A59CFE8FD3E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BA83AF85-CC9B-4A1D-8FE0-738E7A0B3F6F} - System32\Tasks\{7AD78C34-84C6-49DD-A117-BAB7B9EA2735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BB24F188-FD08-4035-B1B1-11DC8FAA7030} - System32\Tasks\{640CEBA0-F19E-4DD1-ABBC-2322EA8600DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BFED3D2C-8E80-4E87-AABE-E24B001FAFDF} - System32\Tasks\{E38B1B3E-922E-46E4-A299-1291FCF0939F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C0503166-B282-4E56-89F8-75E4F02B744C} - System32\Tasks\{4C35057D-67F3-4B54-9E45-F23C44F331F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C0810280-BE52-490D-BF2D-5257065DF5C5} - System32\Tasks\{D498629D-8CAA-40E4-B0CA-F408BBA28BC0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C11A4F1F-FC33-4E03-B6F0-F8046C545EC6} - System32\Tasks\{7AFB956A-0F45-4067-BBA1-E2826731557B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C1632DB5-FAD0-4A24-86A6-20ED94B55839} - System32\Tasks\{F6319C5C-C396-49E3-B6D4-CEE3C011EAC4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C2CB4B2C-2E1A-463D-95DD-C0E40030E32B} - System32\Tasks\{BC532D56-E907-47F0-9123-02EDF99B5D0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C2E47FF8-6562-4215-8733-A9DC16101EAE} - System32\Tasks\{2E55AA7E-6019-46C6-BE1D-7311491E1B30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C3C2DAED-9165-4CED-B3F4-4606212A28DB} - System32\Tasks\{741A1C7E-5100-4B44-897E-316813676533} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C624C440-8937-4876-AE11-24508BA5882B} - System32\Tasks\{2DFA6B2C-FF53-4E74-9E82-F4270A21F482} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C68C0FED-2E14-4F9A-8430-B72E6E7FFB0B} - System32\Tasks\{67968355-D0AA-4AA3-80D1-293553EBEE7E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C77B0908-83F9-4FD3-8E52-F187C1F1892A} - System32\Tasks\{7D72E36A-FFB1-43D2-A2CE-038770D2E788} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C833C9F3-9EDB-4539-BD55-336472A241B8} - System32\Tasks\{83D37A63-84CD-421D-BDA1-36D40518B0A6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C8BAAE16-0D33-4D88-83E9-41DFE92796F0} - System32\Tasks\{0AAB9A11-85B6-48BE-8997-523D390AF02E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {C8FE205C-5327-4716-A89F-944F625F68B3} - System32\Tasks\{C64F802B-64B6-4CBA-A578-593AA2949E63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CB7110D6-4643-4DDA-8CD8-5DBE0CCD946F} - System32\Tasks\{BF2FDABC-4DAC-4253-AF3E-724B568CE45D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CC5DF190-C7D1-4EEF-A75A-BB5E7EF0DC50} - System32\Tasks\{AEF599D6-2168-4234-94B8-CF4D87C0A57F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CD1D52EA-87D5-4F52-B602-06657FED742B} - System32\Tasks\{63E172EF-402F-46C5-99C5-B68A6156AD27} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CD4F4EC8-C8C0-4CA4-8782-C7378E82B4C4} - System32\Tasks\{5C9EDEE7-42FA-4FC2-BDB3-2038587962EF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CDBB92E4-C6A1-41FF-ABCB-DBECEABAF6D9} - System32\Tasks\{1A42DDA1-12EA-4D7C-A72E-D68F51F88816} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CDC15B2D-6E3F-4233-B4F7-F4DA05DBD057} - System32\Tasks\{FE6163FE-199D-4600-A7B6-543FB8800D26} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CDDF1E93-93E3-4FF2-98E1-D7A9716ABD04} - System32\Tasks\{9B7E73D3-4FA9-48B1-80FB-362A9095FA76} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D143E9CE-3E4F-4FAD-AF76-9B634F1B0F35} - System32\Tasks\{D7029D25-363B-4232-808A-9F34400EE138} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D1E7DD15-F243-4247-A3CF-FE906F66964A} - System32\Tasks\{517FFFAF-D8E2-4964-828E-EDAA61E33C22} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D4085D6C-F4B2-4A16-888F-E1A355A92255} - System32\Tasks\{999ECAF2-9D47-4A0F-A9FA-1C869662B6CB} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D560F458-CE65-4B26-8006-4CB011496A22} - System32\Tasks\{31015973-E7E4-4B00-AC30-20B4D26883FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D5E20D38-BCEA-4F2C-B2A3-191B408373FF} - System32\Tasks\{BDD0B651-085D-4837-9766-517DC2B230C6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D6484046-D532-42C0-812D-6D309F7088F7} - System32\Tasks\{06960298-8D4C-4381-9851-576B1DEC3B98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D6B65524-80C0-47FA-AB0E-57DBD426DAA0} - System32\Tasks\{27A37B81-B5E1-42C4-9D23-1EDA6E238A76} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D778E6A0-97CD-40C8-B029-85FD0DEAFD8A} - System32\Tasks\{8ABFC093-F583-41D6-B316-2FF9D47A8690} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D926AC0A-9F7E-4BC0-A25C-E9811C6732AB} - System32\Tasks\{9CC1DE78-4FD1-4E1F-B0D8-259D921B6A4D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D928F4C0-932C-488F-90A5-12121FE10F0D} - System32\Tasks\{032D8CF3-5B5D-4EA4-B7E8-3D5F07C80B8C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D94FA742-E6B9-4D56-9979-A9070BAE8F67} - System32\Tasks\{D08E421A-4180-499C-8C8C-E45ABE30D735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DA5661AE-651F-4A7C-A5E4-8747E677D64F} - System32\Tasks\{B031AFCD-2911-49D7-9C90-5DCAB088DFDE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DB8823AC-7636-4D85-8857-6538C26ECAC0} - System32\Tasks\{33B288C4-3C4E-4A64-99D6-B08CAFEA1B01} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DD314591-AAA8-4386-9AB2-284155F5950D} - System32\Tasks\{BCAC1A5A-0D56-451D-9BB9-7BB770E50F20} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DDA052AD-D6B6-480A-9C70-565F18EC43D3} - System32\Tasks\{F589C59B-15E4-4AB5-B5E5-6776D2A3DA35} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DF6F1238-EC27-4E7C-A45F-A4047C60FCC2} - System32\Tasks\{8F2AD033-8C03-42BA-A428-C804FBA5BC18} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E1D4A888-9D7C-4C63-A3A9-9D42BFC847C7} - System32\Tasks\{44756104-9128-4C9D-B874-61EB2FFD0254} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E2A5D5E4-3B5C-4372-B8DA-6D004730A4AC} - System32\Tasks\{7B06A8BC-97EC-4266-8400-45B789B6A8C0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E334BCBD-2120-4677-8856-A16645FF0762} - System32\Tasks\{5443AD49-38F2-412F-ACAB-A66CE732ABB2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E3AA0295-7785-4C31-806B-5DFEDCE4C514} - System32\Tasks\{6887DCE1-58F4-477D-86C2-5F5EF06F075E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E84CF9B8-0E29-432C-89AA-5965C68A1F91} - System32\Tasks\{FE3A912A-D202-40FD-8BDA-39A4BFCBAD17} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E8760A57-CD22-4EAB-88C4-BAD0FA530CEB} - System32\Tasks\{A39EA2C5-A550-49E3-BF99-A1B54F7C28AF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E8C3E033-D0F9-4538-8B85-F515DD5ACAE2} - System32\Tasks\{2450B1E8-CF41-40A9-8C3B-3C98FCE59FDD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {E94711B4-D71D-4190-8289-06FA8720215F} - System32\Tasks\{28B3BE0E-99E7-4599-9FFA-BC3A45119405} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EAACE01C-3189-4614-86B5-11A7B16F840D} - System32\Tasks\{273FE228-2661-44F2-88D6-3195C04E123B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EAB85E66-F1D7-43A6-9531-387CF9B97E2E} - System32\Tasks\{A67CB8C1-DD6D-4F4B-B92A-14A57294AAFE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EAC4E00C-D00E-4942-AF92-37715E770E8D} - System32\Tasks\{C4D9ABE6-E095-472D-89D6-E883E7599156} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EB4CD724-0625-4F35-AAF0-CF7F8EB8747F} - System32\Tasks\{B09A3F7A-3DD2-4031-A8E8-275BECD40082} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EBCC099B-6051-49AA-AAAD-B1D734F6DC2B} - System32\Tasks\{4C8D5066-F419-46BE-91AF-870FE3AEA600} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EDD4AD7C-DE10-4419-9033-55E25FF576DF} - System32\Tasks\{0D009470-F6D1-43FD-B3DD-D9D5BFD84516} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EE24CEDC-88C3-445B-B730-F57A7A67816A} - System32\Tasks\{8E674498-7F40-402F-9D88-3A0154F3EEF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EECF51E3-5896-40D9-B983-FF4D80D4C045} - System32\Tasks\{AC96E012-789C-48E9-8C90-4F265AF45928} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {EF713ACE-E2CE-4AB2-8F89-8D4BA8402CEC} - System32\Tasks\{F3B67EBA-3FEF-46A8-AD6B-897D9693727F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F061DA0A-0C96-4596-8C1E-9F2B2DB227AC} - System32\Tasks\{11A60C3E-6FB9-4CFC-9D41-66B0974A3D9D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F26481DA-1FB8-43B2-AB6A-1EA2AF12E1E4} - System32\Tasks\{4D3A8BBB-3F4A-4EEC-BAE2-B9CFBF772792} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F2AD1CE7-E47B-482C-856E-CEF48DF920D6} - System32\Tasks\{78DF940E-2A1F-4AF6-86DE-B047B8E3BA30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F2D76B04-280D-426C-B8D0-F0D737911FE7} - System32\Tasks\{9B7B9A44-8DAC-46FA-B7E9-5A2661D46A91} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F350E13C-DA5C-4867-AE35-F8E47A3DA9B7} - System32\Tasks\{18BAB7C7-0CE2-4029-8842-A1AE06043D0A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F3E52268-93AB-4AD2-8AD0-EDAB2E53D85A} - System32\Tasks\{8B2628F7-4047-4D58-A845-9FF91A8501E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F4BA5ED7-594F-41A8-90F5-AB5EF68CFBF8} - System32\Tasks\{06916B6E-5DF8-4C8F-BF39-0F077E2D4428} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F8726FD3-C7BC-42CA-BC81-C9E832C5918B} - System32\Tasks\{D4F14CB9-19E7-4CC5-A2D8-E44B32022B81} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F87E9297-CD61-4D2F-A2B6-0F1F5C715845} - System32\Tasks\{721E0CE9-0AC3-45A1-887B-4F84E8EB7E4C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F99114B9-DF78-4146-BB57-953737202383} - System32\Tasks\{21800C54-6892-481C-948F-E03D919AF9DC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F9D77C80-213A-4B06-A703-D9B3B9C038A7} - System32\Tasks\{A0BFE506-5A62-455C-B1FA-90081E1B11AB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FA158D5C-19DC-43B5-8C79-032B5F5714F9} - System32\Tasks\{94C9BD0D-D5F9-4D9D-AB2B-15064F7EEB1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FABBB50C-B028-4DA7-8DC6-9271D9CFEE67} - System32\Tasks\{4B3A53E1-FDF3-4CC5-9481-BB8DD69FDDF5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FABC1003-D447-4DDB-8CC8-9938897A9B69} - System32\Tasks\{C71F05EA-3B7B-42B9-B69E-6E3BB969B590} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FCA3B720-7967-430E-9911-A91BBD183D8B} - System32\Tasks\{9F7A9E1A-6F8E-412C-9706-DCF783F39505} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FD3BA4CE-D8BB-4C48-9274-364826405C40} - System32\Tasks\{EB193E23-2C5B-45E1-B5CA-E98BC4099F1E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FD5ADD08-D7B7-4855-856D-62CCA4C4DC2A} - System32\Tasks\{1E80DC1C-8DAB-4084-8DB5-3A1DD9E9971F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FE9CB26B-6394-49B7-824C-8C2327D947B4} - System32\Tasks\{BB53BCA2-C745-4F7E-B97D-1F517D0ECD52} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FFEA2714-F490-447A-9363-0A30ACC9B25A} - System32\Tasks\{8D5DCC01-FD1F-4D4C-BA6B-E02440C1BCF0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-03-07 04:20 - 2012-11-07 10:46 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2012-12-24 22:16 - 2005-06-07 13:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2012-09-17 05:06 - 2012-09-17 05:06 - 00935504 _____ (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll 2012-08-07 09:22 - 2012-01-25 19:51 - 00112504 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll 2012-05-30 14:18 - 2011-01-25 11:57 - 04637184 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang64.dll 2012-05-30 23:04 - 2011-01-25 11:57 - 00651776 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll 2013-05-18 04:08 - 2013-04-13 07:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL 2007-03-27 20:03 - 2007-03-27 20:03 - 02173952 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtCore4.dll 2007-03-27 20:03 - 2007-03-27 20:03 - 08048640 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtGui4.dll 2007-03-29 15:11 - 2007-03-29 15:11 - 00317440 _____ () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtXml4.dll 2009-03-26 15:28 - 2009-03-26 15:28 - 00056832 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PhysicalDevices.dll 2009-03-26 15:23 - 2009-03-26 15:23 - 00851456 _____ (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eToken.dll 2009-03-26 15:23 - 2009-03-26 15:23 - 00006656 _____ (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eTPKCS11.dll 2009-03-26 15:23 - 2009-03-26 15:23 - 00005632 ____R (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eTSAPI.dll 2007-03-27 20:03 - 2007-03-27 20:03 - 00175104 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\plugins\imageformats\qjpeg1.dll 2009-03-26 15:29 - 2009-03-26 15:29 - 00169984 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\StoreSync.dll 2009-03-26 15:29 - 2009-03-26 15:29 - 01142784 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\etPropBasic.dll 2012-05-30 23:05 - 2011-06-10 20:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-08-07 09:22 - 2012-01-25 19:51 - 00112504 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2012-07-11 11:15 - 2011-06-22 07:42 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssp4mdu.dll 2012-07-11 11:15 - 2011-06-22 07:41 - 01219584 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\spool\DRIVERS\x64\3\ssp4m.dll 2012-06-27 15:09 - 2012-06-27 15:09 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2013-05-26 14:36 - 2013-08-21 09:16 - 00295664 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\MSVCP80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\MSVCR80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\ATL80.DLL 2013-05-26 14:36 - 2013-08-21 09:16 - 00316144 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\MSVCR80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\MSVCP80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\ATL80.DLL 2013-05-26 14:36 - 2013-08-21 09:16 - 00971504 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus.dll 2013-05-26 14:36 - 2013-08-21 09:16 - 00951024 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\MSVCP80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\MSVCR80.dll 2013-05-26 14:36 - 2013-08-21 09:16 - 00991984 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll 2013-05-26 14:36 - 2013-08-21 09:16 - 00246512 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\RapportVB.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\MSVCP80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\MSVCR80.dll 2013-05-26 14:36 - 2013-08-21 09:16 - 00230128 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\MSVCP80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\MSVCR80.dll 2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\ATL80.DLL 2012-07-08 11:18 - 2007-04-19 09:31 - 00396104 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uDiscClub.dll 2012-07-08 11:18 - 2007-04-19 09:31 - 00604992 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uafc.dll 2012-07-08 11:18 - 2007-04-19 09:39 - 00256768 _____ (Sample Corporation) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MSLURT.dll 2012-07-08 11:18 - 2007-04-19 09:39 - 00400128 _____ (Sample Corporation) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MSLUP60.dll 2012-07-08 11:18 - 2007-04-19 09:31 - 00047872 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uAlignSplit.dll 2012-07-08 11:18 - 2007-04-19 09:32 - 00244480 _____ (Arcsoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uDvdIfo.dll 2012-07-08 11:18 - 2007-04-19 09:33 - 00125696 _____ (arcsoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uSche.dll 2012-07-08 11:18 - 2007-04-19 09:30 - 00092928 _____ (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MonitorMgr.dll 2012-07-08 11:18 - 2008-09-05 15:04 - 00155648 _____ (arcsoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uEpg.dll 2012-07-08 11:18 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll 2012-07-08 11:18 - 2007-04-19 09:31 - 00072448 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uafcrc.dll 2012-07-08 11:18 - 2006-11-21 15:51 - 00028672 _____ (ArcSoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\Res_Monitor.dll 2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2012-07-08 11:18 - 2008-11-26 11:10 - 00045056 ____N (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\PlugRemote\uAbilisRemote.dll 2012-07-08 11:17 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll 2012-07-08 11:18 - 2008-10-28 05:12 - 00024576 ____N (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\PlugRemote\uDexatekRemote.dll 2012-07-08 11:18 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\icudt.dll 2013-09-04 10:39 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll 2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-09-04 10:39 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 00709584 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 00099792 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2013-09-04 10:39 - 2013-09-02 22:35 - 13599184 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll 2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2012-09-17 05:06 - 2012-09-17 05:06 - 00676432 _____ (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.dll 2012-09-17 05:52 - 2012-09-17 05:52 - 00014416 _____ (ABBYY) c:\program files (x86)\abbyy finereader 11\frintegration2.dll 2013-01-09 18:26 - 2013-01-09 18:26 - 01286728 _____ (pdfforge GbR) C:\Program Files (x86)\PDF Architect\addin\WordPlugIn.dll 2013-09-19 10:01 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx 2013-09-19 10:01 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll 2013-08-09 19:04 - 2013-08-09 19:04 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2013-08-09 19:04 - 2013-08-09 19:04 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2013-08-09 19:04 - 2013-08-09 19:04 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2013-08-09 19:04 - 2013-08-09 19:04 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Dell Wireless 375 Bluetooth Module Description: Dell Wireless 375 Bluetooth Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Broadcom Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: MATSHITA DVD+-RW UJ8B2 Description: CD-ROM-Laufwerk Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard-CD-ROM-Laufwerke) Service: cdrom Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2013 09:52:46 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2013 09:50:31 AM) (Source: DellFeatureEnhancementPack) (User: ) Description: Unable to initialize the DellSmartSettingsSys.dll. Error number = 0xa0000008 Error: (09/19/2013 09:34:18 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/18/2013 09:02:17 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 08:13:11 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 03:06:36 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 02:16:45 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 10:00:33 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 08:25:11 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 04:24:37 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/19/2013 09:52:45 AM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom PBADRV Error: (09/19/2013 09:52:35 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "ShellfireVPN2Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/19/2013 09:52:35 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ShellfireVPN2Service erreicht. Error: (09/19/2013 09:52:04 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PDF Architect Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/19/2013 09:52:04 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PDF Architect Service erreicht. Error: (09/19/2013 09:51:18 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PDF Architect Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/19/2013 09:51:18 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PDF Architect Helper Service erreicht. Error: (09/19/2013 09:50:07 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/19/2013 09:50:07 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht. Error: (09/19/2013 09:49:36 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (09/19/2013 09:52:46 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/19/2013 09:50:31 AM) (Source: DellFeatureEnhancementPack)(User: ) Description: Unable to initialize the DellSmartSettingsSys.dll. Error number = 0xa0000008 Error: (09/19/2013 09:34:18 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/18/2013 09:02:17 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 08:13:11 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 03:06:36 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 02:16:45 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2013 10:00:33 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 08:25:11 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/16/2013 04:24:37 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 8072.9 MB Available physical RAM: 4107.49 MB Total Pagefile: 16143.98 MB Available Pagefile: 11637.49 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:157.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 4423CD31) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
|
19.09.2013, 13:02
| #5 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Hi dann schauen wir erstmal das du wieder einigermaßen an dem System arbeiten kannst. Schritt 1: Deinstalliere bitte auf deinem System: Code:
ATTFilter SweetIM for Messenger
SweetPacks Toolbar for Internet Explorer 4.5
Schritt 2: Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3: erstelle bitte ein neues FRST Logfile in dem du FRST neu startest und nochmals SCAN drückst. Poste mir das Logfile hier |
|
19.09.2013, 13:28
| #6 |
| | Windows 7, 100 PUP detected, Rechner extrem langsamCode:
ATTFilter # AdwCleaner v3.004 - Bericht erstellt am 19/09/2013 um 14:15:20
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : ITSC-admin - WIWI-PC
# Gestartet von : C:\Users\ITSC-admin\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\OApps
Ordner Gelöscht : C:\Users\ITSC-A~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKCU\Software\59538c88e03eef12
Schlüssel Gelöscht : HKLM\SOFTWARE\59538c88e03eef12
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v22.0 (de)
[ Datei : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\prefs.js ]
Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=2EBA8C705A6AC3D5");
Zeile gelöscht : user_pref("extensions.mixidj.tlbrId", "mdelta");
-\\ Google Chrome v
[ Datei : C:\Users\ITSC-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9534 octets] - [19/09/2013 14:13:27]
AdwCleaner[S0].txt - [9020 octets] - [19/09/2013 14:15:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9080 octets] ##########
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 14:25:45
Running from C:\Users\ITSC-admin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() c:\Windows\SysWOW64\srvany.exe
(O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ShellfireVPN\jre6\bin\java.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ShellfireVPN\jre6\bin\java.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2
FireFox:
========
FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.)
R2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG)
S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S0 PBADRV; system32\DRIVERS\PBADRV.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-19 14:13 - 2013-09-19 14:15 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 13:47 - 2013-09-19 13:48 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip
==================== One Month Modified Files and Folders =======
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:25 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox
2013-09-19 14:19 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox
2013-09-19 14:19 - 2012-05-30 21:22 - 01278137 _____ C:\Windows\WindowsUpdate.log
2013-09-19 14:18 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-19 14:17 - 2010-11-21 05:47 - 00111702 _____ C:\Windows\PFRO.log
2013-09-19 14:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 14:17 - 2009-07-14 06:51 - 00093019 _____ C:\Windows\setupact.log
2013-09-19 14:15 - 2013-09-19 14:13 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 14:04 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-19 13:48 - 2013-09-19 13:47 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 13:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job
2013-09-19 13:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic
2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job
2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN
2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey
2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip
Some content of TEMP:
====================
C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe
C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\ITSC-admin\AppData\Local\Temp\Quarantine.exe
C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll
C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-16 13:05
==================== End Of Log ============================
--- --- --- |
|
19.09.2013, 13:40
| #7 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Wie darf ich dich den Ansprechen , mein Name ist Heiko der Rechner sollte schon deutliche Besserung zeigen, liege ich da richtig? Gib mir bitte kurz Rückmeldung Schritt 1: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: starte den Rechner bitte neu , und erstelle ein neues FRST Logfile |
|
19.09.2013, 13:47
| #8 |
| | Windows 7, 100 PUP detected, Rechner extrem langsam Hi Heiko, ich bin Sarah. Danke für Deine Hilfe. Eine Besserung habe ich jetzt noch nicht gemerkt, weil gerade mehrere Tabs in meinem Browser überhaupt nicht geladen werden. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-09-2013
Ran by ITSC-admin at 2013-09-19 14:46:56 Run:1
Running from C:\Users\ITSC-admin\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} => Key deleted successfully.
HKCR\CLSID\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} => Key not found.
HKCR\Wow6432Node\CLSID\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox SearchEngineOrder.SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File 1 deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
==== End of Fixlog ====
|
|
19.09.2013, 13:57
| #9 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Hallo Sarah Schritt 2 (frisches FRST Logfile) bnötige ich noch um dir helfen zu können. Welcher Browser macht die Probleme? |
|
19.09.2013, 13:58
| #10 |
| | Windows 7, 100 PUP detected, Rechner extrem langsam Ich weiß, das Hochfahren und der Scan dauerten nur so lange. Hier ist das Logfile. Google Chrome. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 14:55:28
Running from C:\Users\ITSC-admin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() c:\Windows\SysWOW64\srvany.exe
(O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2
FireFox:
========
FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
==================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.)
S2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG)
S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S0 PBADRV; system32\DRIVERS\PBADRV.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-19 14:13 - 2013-09-19 14:15 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 13:47 - 2013-09-19 13:48 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip
==================== One Month Modified Files and Folders =======
2013-09-19 14:55 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox
2013-09-19 14:54 - 2012-05-30 21:22 - 01298420 _____ C:\Windows\WindowsUpdate.log
2013-09-19 14:52 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-19 14:51 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox
2013-09-19 14:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 14:50 - 2009-07-14 06:51 - 00093075 _____ C:\Windows\setupact.log
2013-09-19 14:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job
2013-09-19 14:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:17 - 2010-11-21 05:47 - 00111702 _____ C:\Windows\PFRO.log
2013-09-19 14:15 - 2013-09-19 14:13 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 14:04 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-19 13:48 - 2013-09-19 13:47 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic
2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job
2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN
2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey
2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip
Some content of TEMP:
====================
C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe
C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\ITSC-admin\AppData\Local\Temp\Quarantine.exe
C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll
C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-16 13:05
==================== End Of Log ============================
|
|
19.09.2013, 14:06
| #11 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Hi dann schaun wir mal etwas tiefer im System. Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
19.09.2013, 14:31
| #12 |
| | Windows 7, 100 PUP detected, Rechner extrem langsam Der Scan dauert offenbar eine Weile... |
|
19.09.2013, 14:35
| #13 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Ja , er sucht nach Rootkits... da du geschrieben hast dass der Bootvorgang so lange dauert... |
|
19.09.2013, 14:45
| #14 |
| | Windows 7, 100 PUP detected, Rechner extrem langsam "Scan finished: No malware found!" Trotzdem "Cleanup"? |
|
19.09.2013, 15:12
| #15 |
| /// Malwareteam | Windows 7, 100 PUP detected, Rechner extrem langsam Nein nicht nötig, aber Poste das Logfile bitte |
|
| Themen zu Windows 7, 100 PUP detected, Rechner extrem langsam |
| administrator, antivir, browser, detected, malwarebytes, messenger, neustart, nicht geladen, programm, pup.facethemes, pup.optional.babylon.a, pup.optional.datamngr.a, pup.optional.iminent.a, pup.optional.mixidj.a, pup.optional.mixidjtoolbar.a, pup.optional.opencandy, pup.optional.startpage, pup.optional.sweetim, pup.optional.sweetim.a, pup.optional.sweetpacks, registry, sekunden, software, win32/adware.1clickdownload.aa |
Gruß Aneri 
Linear-Darstellung
