Firewall blockt .exe Datei

Sepp3142 · 19.09.2013, 16:11

Hallo Leute, ich bin neu hier im Forum und habe eine Frage: Meine Firewall hat heute folgende .exe blockiert :" 028b8e4e-4082-4a93-af02-420ffbbdfbd3.exe" . Diese soll angeblich im Ordner C:\program files\avast software\avast\setup\ sein. Dort kann ich sie aber nicht finden. Ich hatte eine ähnliche .exe schon mal bekommen und blockiert und bei Avast nachgefragt, aber die sagten, sie kommt nicht von ihnen. Kann mir jemand sagen, was das sein soll ? Soll ich den Zugriff erlauben oder was soll ich mit der .exe machen ? MfG Sepp3142

schrauber · 19.09.2013, 16:14

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Sepp3142 · 19.09.2013, 16:55

FRST Logfile:
[CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by User (administrator) on ATHLON7 on 19-09-2013 17:46:00
Running from C:\Users\User\AppData\Roaming\uTorrent\Computer\Daten(D)\Return.To.House.On.Haunted.Hill[2007][Unrated.Edition]DvDrip.AC3[Eng]-aXXo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(Binary Fortress Software) C:\ProgramData\DisplayFusion\DisplayFusionService.exe
(zett42) C:\Program Files (x86)\FlashFolder\FlashFolder.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tordex) C:\Program Files\StartKiller\StartKiller.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Ingo Heeskens) C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinEject.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
() C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(Desksware) C:\Program Files\desksware\Desktop iCalendar\Desktop iCalendar.exe
(Uxus Software) C:\Program Files (x86)\Jingle Keyboard\Jingle Keyboard.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe
(Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dirk Jansen) C:\Program Files (x86)\MailCheck\MailCheck.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(BitTorrent, Inc.) C:\Program Files (x86)\utorrent\utorrent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(XimuSoft) C:\Users\User\Programm-EXE\ggtranslate.exe
(RaduKing) E:\RK_Launcher_04_Beta\RKLauncher.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-04-22] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM\...\Run: [Copy Handler] - [x]
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [StartMenuX] - C:\Program Files\Start Menu X\StartMenuX.exe [7657792 2013-06-28] (OrdinarySoft)
HKCU\...\Run: [Start Killer] - C:\Program Files\StartKiller\StartKiller.exe [95096 2011-06-24] (Tordex)
HKCU\...\Run: [CursorFX] - C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKCU\...\Run: [AshSnap] - C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe [3400600 2012-08-03] (ashampoo GmbH & Co. KG)
HKCU\...\Run: [Ditto] - C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
HKCU\...\Run: [WinEjectAutoStart1] - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinEject.exe [95744 2001-05-10] (Ingo Heeskens)
HKCU\...\Run: [DisplayFusion] - C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7283072 2013-04-26] (Binary Fortress Software)
HKCU\...\Run: [AtomicAlarmClock6] - C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5335552 2013-06-08] ()
HKCU\...\Run: [Desktop iCalendar.exe] - C:\Program Files\desksware\Desktop iCalendar\Desktop iCalendar.exe [1090816 2013-07-06] (Desksware)
HKCU\...\Run: [JingleKeys] - C:\Program Files (x86)\Jingle Keyboard\Jingle Keyboard
HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [SliderDock] - C:\Program Files (x86)\SliderDock\SliderDock.exe [2263040 2012-02-06] (Dimitri Roozendaal)
HKCU\...\Run: [Nexus] - C:\Program Files (x86)\Winstep\Nexus.exe [16957056 2012-03-28] (Winstep Software Technologies)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-09-18] (Spotify Ltd)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-09-17] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2792448 2009-12-04] (VIA)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PhrozenSoft VirusTotal Uploader] - [x]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
AppInit_DLLs-x32: c:\progra~3\browse~1\25986~1.67\{c16c1~1\browse~1.dll ;C:\Ḵ춹ࠀ泛5 [ ] ()
Startup: C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4875269B4C3CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
URLSearchHook: (No Name) - {535ae879-ef3b-449c-8726-e1e644ae2290} - No File
URLSearchHook: (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
URLSearchHook: (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
SearchScopes: HKCU - {A2DC3FEF-AB4D-442c-8517-34EC6E125C8D} URL = hxxp://search.webwebweb.com/index.html?query={searchTerms}&lang={language}&zip=&town=&site=&country=&safe=[safe,off,strict]
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll (IE7Pro.com)
BHO-x32: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files (x86)\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll ()
Toolbar: HKLM-x32 - Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 83.169.185.33 83.169.185.97
Tcpip\..\Interfaces\{7E036BF8-A73B-4789-87A1-40F1B13AC8B5}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249
FF Homepage: chrome://startpage24/content/startpage/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.6 - R:\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @startpage24.com/npLin64;Version=4 - C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll (Link64 GmbH)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - R:\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKCU: @stickypassword.com/Sticky Password - C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\searchplugins\Startpage24_460149a5.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\searchplugins\webwebweb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\foxsplitter@piro.sakura.ne.jp
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\ich@maltegoetz.de
FF Extension: LastPass - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\support@lastpass.com
FF Extension: ReminderFox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: autopager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\autopager@mozilla.org.xpi
FF Extension: ffext_basicchromeext - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\ffext_basicchromeext@startpage24.xpi
FF Extension: smarterwiki - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\smarterwiki@wikiatic.com.xpi
FF Extension: stefanvandamme - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\stefanvandamme@stefanvd.net.xpi
FF Extension: translator - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\translator@zoli.bod.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m8254yre.default-1372874611249\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [ffext@startpage24] - C:\ProgramData\Startpage24\Plugin\firefox
FF Extension: No Name - C:\ProgramData\Startpage24\Plugin\firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\User\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\User\AppData\Roaming\Lamantine\Sticky Password\spAutofill

Chrome:
=======
CHR HomePage: hxxp://www.google.de/ig?hl=de
CHR RestoreOnStartup: "hxxp://www.google.de/ig?hl=de"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google

mniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefi xUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Sticky Password) - C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
CHR Plugin: (Startpage24 Startpage) - C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll (Link64 GmbH)
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Translate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Sort by Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\2.0.0_0
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (GreaseGoogle) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko\1.61_0
CHR Extension: (Turn Off the Lights) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0
CHR Extension: (Audials Live Radio & Podcast) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjlebpekgoocnhepibpaebimepdhccf\1.0.7_0
CHR Extension: (Chrome YouTube Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.19_0
CHR Extension: ( "name": "Split at selected tab") - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdochbecpfdpjobpgnacnbepkgcfhoek\1.1_0
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (New Tab Website) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkogmmlmfijkljjnhalncbabkljhceo\0.2_0
CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_0
CHR Extension: (Torrent Turbo Search App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif\0.1_0
CHR Extension: (Select Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjoilhmjjhfpeflkmlhejiaadbgfkgn\1.5.20_0
CHR Extension: (Stylish) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (DNSHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaffpnfojcdkcdimoobneboagdnnenbo\1.0.0_0
CHR Extension: (Torrent Turbo Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\4.0.0_0
CHR Extension: (Calculator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebiheilikanaahecmhecdnfnhhekjfg\1.5_0
CHR Extension: (Click&Clean) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0
CHR Extension: (Selection Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gipnlpdeieaidmmeaichnddnmjmcakoe\0.7.17_0
CHR Extension: (Porsche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0
CHR Extension: (Save to Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.0.0_0
CHR Extension: (Downloads Page Button) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmfoedhfgopiadmmbdokkknanefffjff\1_0
CHR Extension: (avast! Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (SearchPreview) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo\3.0_0
CHR Extension: (New Tab Redirect!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna\2.0_0
CHR Extension: (Google Play Music) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0
CHR Extension: (Calc SS3) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicfbobganffbpdodmdcbcpblomkbeoa\0.9.98_0
CHR Extension: (My Browser Page) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg\1.0_0
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb\1.3.3_0
CHR Extension: (Alarm Clock Radio) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi\1.7_0
CHR Extension: (iStart - new tab page, in metro style) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgdlmlmcijgnglfcophfjhafiafhkae\0.0.0.45_0
CHR Extension: (vavideo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mceccpkcopbefcjodfojjeegkmmmmhlb\1.4.0.0_0
CHR Extension: (3D Solar System Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.50_0
CHR Extension: (Web Noire) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdijlebpdiimcjojcbkpmcpfabignf\22.5_0
CHR Extension: (Google Mail Checker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (AutoPager Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgagnmbebdebebbcleklifnobamjonh\0.8.0.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Deezer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.2_0
CHR Extension: (YouTube Unblocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.4_0
CHR Extension: (Spotify Web Player Launcher) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oafegckanldnpojgnlfgloifiejbkgog\1.12_0
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\5.0.17.267
CHR Extension: (Click&Clean App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
CHR HKLM-x32\...\Chrome\Extension: [gaffpnfojcdkcdimoobneboagdnnenbo] - C:\Users\User\AppData\Roaming\DNSHelper Chrome\DNSHelper.crx
CHR HKLM-x32\...\Chrome\Extension: [jaogepninmlbinccpbiakcgiolijlllo] - C:\Program Files (x86)\1&1 Mail & Media\WEB.DE MailCheck\GC\webde_mailcheck.1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\User\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx

==================== Services (Whitelisted) =================

R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 DisplayFusionService; C:\ProgramData\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
R2 FlashFolder; C:\Program Files (x86)\FlashFolder\FlashFolder.exe [71680 2008-03-21] (zett42)
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2009-06-18] (BIOSTAR Group)
R1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2009-06-18] (BIOSTAR Group)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24664 2012-01-11] ()
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24664 2012-01-11] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.)
R1 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [84720 2013-05-04] (Dataram, Inc.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-17] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2012-06-20] ()
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-02-18] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-02-18] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390224 2012-10-31] (Paragon)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-06-06] (WinISO.com)
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-01-08] (Wondershare)
R3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [x]
U3 DfSdkS;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-19 17:45 - 2013-09-19 17:45 - 00000000 ____D C:\FRST
2013-09-18 15:24 - 2013-09-18 15:42 - 00001828 _____ C:\Windows\Sandboxie.ini
2013-09-18 15:23 - 2013-09-18 15:31 - 00000000 ____D C:\Program Files\Sandboxie
2013-09-18 15:15 - 2013-09-18 15:15 - 00000000 ____H C:\ProgramData\cm-lock
2013-09-17 21:54 - 2013-09-19 12:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2013-09-17 12:18 - 2013-09-17 12:18 - 00000218 _____ C:\Users\User\.recently-used.xbel
2013-09-17 07:30 - 2013-09-18 04:08 - 00000000 ____D C:\Users\Public\Documents\Winstep
2013-09-17 07:30 - 2013-09-17 07:30 - 00001051 _____ C:\Users\User\Documents\Winstep.lnk
2013-09-17 07:30 - 2013-09-17 07:30 - 00000000 ____D C:\Program Files (x86)\Winstep
2013-09-17 07:30 - 2008-02-05 15:36 - 00798208 _____ (Winstep Software Technologies) C:\Windows\SysWOW64\NextControls.ocx
2013-09-17 07:30 - 1997-07-19 16:55 - 01347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2013-09-15 12:52 - 2013-09-18 14:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-15 12:52 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-15 12:52 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-15 12:52 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-15 12:41 - 2013-09-15 12:41 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-09-13 23:15 - 2013-09-13 23:13 - 00002293 _____ C:\Users\User\Documents\License.avastlic
2013-09-13 16:34 - 2013-09-13 16:34 - 00003250 _____ C:\Windows\System32\Tasks\Stefan
2013-09-13 11:19 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 11:19 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 11:19 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 11:19 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 11:19 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 11:19 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 11:19 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 11:19 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 11:19 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 11:19 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 11:19 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 11:19 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 11:19 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 11:19 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 09:25 - 2013-09-13 09:25 - 00003244 _____ C:\Windows\System32\Tasks\Hallo
2013-09-13 08:38 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 08:38 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 08:38 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 08:38 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 08:38 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 08:38 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 08:38 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 08:38 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 08:38 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 08:38 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 08:38 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 08:38 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 08:38 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 08:38 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 08:38 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 08:38 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 08:38 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:38 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 08:38 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 08:38 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 08:37 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 08:37 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 08:37 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 08:37 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 08:37 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:37 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:37 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 08:37 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 08:37 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 08:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 21:51 - 2013-09-12 21:59 - 00000000 ____D C:\Users\User\AppData\Local\SliderDock
2013-09-12 21:51 - 2013-09-12 21:51 - 00000000 ____D C:\Program Files (x86)\SliderDock
2013-09-12 19:49 - 2013-09-12 19:49 - 00003556 _____ C:\Windows\System32\Tasks\Hausarzt
2013-09-11 14:21 - 2013-09-17 19:33 - 00000964 _____ C:\Windows\Tasks\Paragon Archive name diff_110913121931221.job
2013-09-11 14:21 - 2013-09-11 14:21 - 00003970 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_110913121931221
2013-09-11 13:02 - 2013-09-11 13:02 - 00000000 ____D C:\ProgramData\complexbackup
2013-09-10 19:39 - 2013-09-11 06:18 - 00000000 ____D C:\Program Files (x86)\sTabLauncher
2013-09-09 00:27 - 2013-09-09 00:27 - 00002984 _____ C:\Windows\System32\Tasks\{58F829F6-9A19-4A17-822E-C2B532A84F3A}
2013-09-08 19:02 - 2013-09-08 19:03 - 00000000 ____D C:\Users\User\AppData\Local\ToolwizCareFree
2013-09-08 19:02 - 2013-09-08 19:02 - 00001047 _____ C:\Users\UpdatusUser\Desktop\Toolwiz Care.lnk
2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT MIDI Controller Maps
2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT Collections
2013-09-07 21:00 - 2013-09-07 21:00 - 00002489 _____ C:\Users\User\Programme.gcs
2013-09-07 20:39 - 2013-09-08 00:20 - 00001155 _____ C:\Users\User\AppData\Roaming\gcstar.log
2013-09-07 15:55 - 2013-09-07 16:21 - 00000000 ____D C:\Users\Player\AppData\Roaming\Winamp
2013-09-07 14:51 - 2013-09-08 19:41 - 00000000 ____D C:\Program Files (x86)\Toolwiz TimeFreeze
2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\User\Documents\Toolwiz TimeFreeze.lnk
2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\UpdatusUser\Desktop\Toolwiz TimeFreeze.lnk
2013-09-07 14:49 - 2013-09-15 01:34 - 00000000 ____D C:\Users\User\AppData\Roaming\DVD Flick
2013-09-07 14:30 - 2013-09-07 14:30 - 00000000 ____D C:\Program Files (x86)\DVD Flick
2013-09-05 21:35 - 2013-09-05 21:35 - 00000000 ____D C:\Users\User\Documents\default
2013-09-04 19:53 - 2013-09-04 19:53 - 00000000 ____D C:\ProgramData\scripts
2013-09-02 18:12 - 2013-09-08 21:55 - 00000000 ____D C:\Program Files (x86)\Celestia
2013-09-02 11:56 - 2013-09-02 12:31 - 00000000 ____D C:\Users\User\Documents\Ashampoo Gadge It
2013-09-02 11:09 - 2013-09-14 14:59 - 00001197 _____ C:\Users\User\AppData\Roaming\Ashampoo Gadge It event.log
2013-09-01 17:48 - 2013-09-01 17:48 - 00003136 _____ C:\Windows\System32\Tasks\{3D3C8058-7F5E-47CB-9C40-7BD18A7D7A41}
2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Smith&WelcomeInc
2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Smith&Welcome Inc
2013-09-01 05:26 - 2013-09-01 05:26 - 00000000 ____D C:\Program Files (x86)\Ant Renamer
2013-09-01 02:48 - 2013-09-01 02:48 - 00000000 ____D C:\Users\Player\AppData\Local\Ashampoo
2013-08-30 16:55 - 2013-08-30 16:55 - 00000000 ____D C:\Program Files (x86)\Seam Carving GUI
2013-08-30 06:21 - 2013-09-18 21:59 - 00000966 _____ C:\Windows\Tasks\Paragon Archive name diff_300813041740867.job
2013-08-30 06:21 - 2013-08-30 06:21 - 00004006 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_300813041740867
2013-08-29 01:26 - 2013-08-31 13:54 - 00000000 ___RD C:\Users\User\SkyDrive
2013-08-27 23:02 - 2013-08-27 23:02 - 00000000 ____D C:\Users\Player\AppData\Roaming\OpenOffice
2013-08-27 20:04 - 2013-08-27 20:04 - 00000000 ____D C:\Program Files (x86)\MailCheck
2013-08-25 09:35 - 2013-09-19 17:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 09:35 - 2013-08-25 23:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-24 17:26 - 2013-08-24 17:26 - 00001931 _____ C:\Users\User\AppData\avast! Internet Security.lnk
2013-08-24 07:36 - 2013-09-07 19:53 - 00003248 _____ C:\Windows\System32\Tasks\BetterDesktopTool
2013-08-22 06:24 - 2013-08-22 06:24 - 00000000 ____D C:\Users\Player\AppData\Local\BetterDesktopTool
2013-08-22 06:16 - 2013-08-22 06:24 - 00000000 ____D C:\Program Files (x86)\BetterDesktopTool
2013-08-22 06:16 - 2013-08-22 06:16 - 00000000 ____D C:\Users\User\AppData\Local\BetterDesktopTool
2013-08-21 15:06 - 2013-08-21 15:06 - 00002693 _____ C:\Users\User\AppData\Lumac.lnk
2013-08-21 15:05 - 2013-08-21 15:05 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-08-20 12:29 - 2013-08-20 12:29 - 00000000 ____D C:\Users\User\AppData\Local\Harmony_Hollow_Software
2013-08-20 12:27 - 2013-08-22 04:45 - 00000000 ____D C:\Users\User\AppData\Local\CTDSounds
2013-08-20 12:27 - 2013-08-20 12:27 - 00000000 ____D C:\Program Files (x86)\Cool Timer Deluxe

==================== One Month Modified Files and Folders =======

2013-09-19 17:45 - 2013-09-19 17:45 - 00000000 ____D C:\FRST
2013-09-19 17:45 - 2013-01-15 17:21 - 00000000 ___RD C:\Users\User\Downloads 2
2013-09-19 17:45 - 2012-08-07 17:40 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2013-09-19 17:24 - 2012-08-05 12:38 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-19 17:13 - 2012-12-30 11:50 - 00007576 _____ C:\Users\User\XPasswörter.txt
2013-09-19 17:07 - 2013-08-25 09:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 16:55 - 2012-10-09 19:25 - 00000000 ___RD C:\Users\User\Documents\Sticky Passwords
2013-09-19 16:29 - 2011-03-26 14:16 - 01634527 _____ C:\Windows\WindowsUpdate.log
2013-09-19 12:21 - 2013-09-17 21:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2013-09-19 11:51 - 2012-12-27 01:19 - 00007666 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2013-09-19 11:28 - 2013-06-28 00:38 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2013-09-19 03:18 - 2013-04-20 11:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Ditto
2013-09-19 03:18 - 2012-08-05 12:38 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-19 00:27 - 2012-12-08 10:35 - 00000000 ____D C:\Users\User\AppData\Roaming\TVgenial
2013-09-19 00:18 - 2012-11-12 10:12 - 00000000 ___RD C:\Users\User\Bildvorlagen
2013-09-18 21:59 - 2013-08-30 06:21 - 00000966 _____ C:\Windows\Tasks\Paragon Archive name diff_300813041740867.job
2013-09-18 17:33 - 2013-07-07 17:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Rainmeter
2013-09-18 16:59 - 2012-11-19 20:21 - 00000000 ____D C:\Users\User\AppData\Roaming\SolSuite
2013-09-18 16:02 - 2012-12-07 23:53 - 00000000 ___RD C:\Users\User\Pictures 2
2013-09-18 15:42 - 2013-09-18 15:24 - 00001828 _____ C:\Windows\Sandboxie.ini
2013-09-18 15:31 - 2013-09-18 15:23 - 00000000 ____D C:\Program Files\Sandboxie
2013-09-18 15:23 - 2009-07-14 06:45 - 00019712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-18 15:23 - 2009-07-14 06:45 - 00019712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-18 15:15 - 2013-09-18 15:15 - 00000000 ____H C:\ProgramData\cm-lock
2013-09-18 15:15 - 2013-05-24 13:55 - 00017062 _____ C:\Windows\setupact.log
2013-09-18 15:14 - 2010-07-14 17:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-18 15:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 15:12 - 2013-05-05 00:07 - 2147549232 ____C C:\RAMDisk.img
2013-09-18 14:36 - 2013-09-15 12:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-18 05:36 - 2013-04-13 18:23 - 00000000 ___RD C:\Users\User\icons 2
2013-09-18 04:08 - 2013-09-17 07:30 - 00000000 ____D C:\Users\Public\Documents\Winstep
2013-09-18 03:36 - 2012-12-21 07:32 - 00001793 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-09-18 03:36 - 2012-12-21 07:32 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2013-09-18 03:06 - 2013-05-24 13:55 - 00032926 _____ C:\Windows\PFRO.log
2013-09-18 03:06 - 2009-07-14 06:45 - 05124856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-17 23:23 - 2013-05-05 00:07 - 2147549232 ____C C:\RAMDisk.img.bak
2013-09-17 20:21 - 2012-12-03 08:04 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2013-09-17 19:33 - 2013-09-11 14:21 - 00000964 _____ C:\Windows\Tasks\Paragon Archive name diff_110913121931221.job
2013-09-17 12:28 - 2013-07-10 10:36 - 00154680 _____ C:\Users\Player\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-17 12:18 - 2013-09-17 12:18 - 00000218 _____ C:\Users\User\.recently-used.xbel
2013-09-17 12:18 - 2012-12-14 20:02 - 00000000 ____D C:\Users\User\AppData\Roaming\griffith
2013-09-17 12:14 - 2013-06-04 16:25 - 23867483 _____ C:\Users\User\Documents\DVD -MOVIES 3.odt
2013-09-17 11:04 - 2012-12-18 17:34 - 00000000 ___RD C:\Users\User\TIPPS
2013-09-17 07:35 - 2012-07-06 16:57 - 00154680 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-17 07:30 - 2013-09-17 07:30 - 00001051 _____ C:\Users\User\Documents\Winstep.lnk
2013-09-17 07:30 - 2013-09-17 07:30 - 00000000 ____D C:\Program Files (x86)\Winstep
2013-09-17 07:29 - 2013-03-20 22:16 - 00000000 ___RD C:\Users\User\Programm-EXE
2013-09-17 07:14 - 2013-07-31 05:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp
2013-09-16 23:49 - 2012-12-31 15:33 - 00000000 ____D C:\Users\User\AppData\Roaming\GmailNotifierPro
2013-09-15 12:52 - 2013-06-19 00:09 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-15 12:51 - 2013-06-19 00:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-15 12:51 - 2013-06-19 00:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-15 12:41 - 2013-09-15 12:41 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-09-15 02:43 - 2012-07-06 20:58 - 00000000 ___RD C:\Users\User\Wallpapers
2013-09-15 01:34 - 2013-09-07 14:49 - 00000000 ____D C:\Users\User\AppData\Roaming\DVD Flick
2013-09-14 14:59 - 2013-09-02 11:09 - 00001197 _____ C:\Users\User\AppData\Roaming\Ashampoo Gadge It event.log
2013-09-14 14:31 - 2013-08-19 13:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Mp3tag
2013-09-13 23:13 - 2013-09-13 23:15 - 00002293 _____ C:\Users\User\Documents\License.avastlic
2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ___RD C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ___RD C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ____D C:\Users\Player
2013-09-13 16:34 - 2013-09-13 16:34 - 00003250 _____ C:\Windows\System32\Tasks\Stefan
2013-09-13 11:27 - 2011-04-16 15:56 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 11:27 - 2011-04-16 15:56 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 11:19 - 2013-08-14 21:46 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 11:16 - 2012-02-19 10:47 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 09:25 - 2013-09-13 09:25 - 00003244 _____ C:\Windows\System32\Tasks\Hallo
2013-09-12 21:59 - 2013-09-12 21:51 - 00000000 ____D C:\Users\User\AppData\Local\SliderDock
2013-09-12 21:51 - 2013-09-12 21:51 - 00000000 ____D C:\Program Files (x86)\SliderDock
2013-09-12 21:02 - 2013-07-05 07:30 - 00000000 ___RD C:\Users\User\Stefan
2013-09-12 19:49 - 2013-09-12 19:49 - 00003556 _____ C:\Windows\System32\Tasks\Hausarzt
2013-09-11 14:21 - 2013-09-11 14:21 - 00003970 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_110913121931221
2013-09-11 13:02 - 2013-09-11 13:02 - 00000000 ____D C:\ProgramData\complexbackup
2013-09-11 12:57 - 2013-03-19 20:52 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-09-11 06:18 - 2013-09-10 19:39 - 00000000 ____D C:\Program Files (x86)\sTabLauncher
2013-09-10 10:55 - 2009-07-14 19:58 - 00702398 _____ C:\Windows\system32\perfh007.dat
2013-09-10 10:55 - 2009-07-14 19:58 - 00151190 _____ C:\Windows\system32\perfc007.dat
2013-09-10 10:55 - 2009-07-14 07:13 - 01629926 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 15:56 - 2013-06-27 07:16 - 00000000 ____D C:\Users\User\AppData\Roaming\DisplayFusion
2013-09-09 00:27 - 2013-09-09 00:27 - 00002984 _____ C:\Windows\System32\Tasks\{58F829F6-9A19-4A17-822E-C2B532A84F3A}
2013-09-08 21:55 - 2013-09-02 18:12 - 00000000 ____D C:\Program Files (x86)\Celestia
2013-09-08 20:29 - 2012-08-11 12:09 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-09-08 19:41 - 2013-09-07 14:51 - 00000000 ____D C:\Program Files (x86)\Toolwiz TimeFreeze
2013-09-08 19:03 - 2013-09-08 19:02 - 00000000 ____D C:\Users\User\AppData\Local\ToolwizCareFree
2013-09-08 19:02 - 2013-09-08 19:02 - 00001047 _____ C:\Users\UpdatusUser\Desktop\Toolwiz Care.lnk
2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT MIDI Controller Maps
2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT Collections
2013-09-08 00:20 - 2013-09-07 20:39 - 00001155 _____ C:\Users\User\AppData\Roaming\gcstar.log
2013-09-07 23:00 - 2012-06-01 12:22 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-07 22:52 - 2013-01-15 06:19 - 00054127 _____ C:\Users\User\Documents\DVD`s.txt
2013-09-07 21:00 - 2013-09-07 21:00 - 00002489 _____ C:\Users\User\Programme.gcs
2013-09-07 20:56 - 2012-12-14 20:07 - 00000000 ____D C:\Users\User\AppData\Roaming\gtk-2.0
2013-09-07 19:53 - 2013-08-24 07:36 - 00003248 _____ C:\Windows\System32\Tasks\BetterDesktopTool
2013-09-07 16:21 - 2013-09-07 15:55 - 00000000 ____D C:\Users\Player\AppData\Roaming\Winamp
2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\User\Documents\Toolwiz TimeFreeze.lnk
2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\UpdatusUser\Desktop\Toolwiz TimeFreeze.lnk
2013-09-07 14:30 - 2013-09-07 14:30 - 00000000 ____D C:\Program Files (x86)\DVD Flick
2013-09-07 13:42 - 2013-05-15 10:58 - 00000000 ___RD C:\Users\User\Magazine
2013-09-05 21:35 - 2013-09-05 21:35 - 00000000 ____D C:\Users\User\Documents\default
2013-09-04 19:53 - 2013-09-04 19:53 - 00000000 ____D C:\ProgramData\scripts
2013-09-04 15:56 - 2012-08-24 10:04 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss
2013-09-02 12:31 - 2013-09-02 11:56 - 00000000 ____D C:\Users\User\Documents\Ashampoo Gadge It
2013-09-02 11:08 - 2010-07-14 17:36 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-02 11:08 - 2010-07-14 17:36 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-09-01 17:48 - 2013-09-01 17:48 - 00003136 _____ C:\Windows\System32\Tasks\{3D3C8058-7F5E-47CB-9C40-7BD18A7D7A41}
2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Smith&WelcomeInc
2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Smith&Welcome Inc
2013-09-01 15:22 - 2012-03-18 11:07 - 00000000 ____D C:\Users\User\AppData\Local\ashampoo
2013-09-01 05:26 - 2013-09-01 05:26 - 00000000 ____D C:\Program Files (x86)\Ant Renamer
2013-09-01 02:48 - 2013-09-01 02:48 - 00000000 ____D C:\Users\Player\AppData\Local\Ashampoo
2013-09-01 01:34 - 2013-05-10 00:23 - 00010752 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-31 13:54 - 2013-08-29 01:26 - 00000000 ___RD C:\Users\User\SkyDrive
2013-08-30 18:09 - 2013-07-11 04:41 - 00000000 ____D C:\Users\Player\AppData\Roaming\vlc
2013-08-30 16:55 - 2013-08-30 16:55 - 00000000 ____D C:\Program Files (x86)\Seam Carving GUI
2013-08-30 09:48 - 2013-09-15 12:52 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-09-15 12:52 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-09-15 12:52 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-30 09:47 - 2013-06-19 00:09 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 06:21 - 2013-08-30 06:21 - 00004006 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_300813041740867
2013-08-29 10:04 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-28 23:32 - 2013-04-23 16:04 - 00000000 ___RD C:\Users\User\WAV-Töne
2013-08-28 13:56 - 2013-05-14 00:10 - 00000000 ____D C:\Users\User\AppData\Roaming\http;scientific-calculator.appspot.com
2013-08-28 00:23 - 2013-08-05 17:07 - 00000000 ____D C:\ProgramData\firebird
2013-08-27 23:02 - 2013-08-27 23:02 - 00000000 ____D C:\Users\Player\AppData\Roaming\OpenOffice
2013-08-27 21:19 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-27 20:04 - 2013-08-27 20:04 - 00000000 ____D C:\Program Files (x86)\MailCheck
2013-08-27 10:29 - 2013-06-12 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-26 22:08 - 2013-07-04 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 14:44 - 2013-07-14 02:50 - 00000000 ____D C:\Users\Player\AppData\Local\CrashDumps
2013-08-25 23:29 - 2013-08-25 09:35 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-25 23:29 - 2013-06-12 23:16 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-25 23:29 - 2013-06-12 23:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-24 17:43 - 2013-06-12 22:51 - 00000000 ____D C:\ProgramData\Adobe
2013-08-24 17:43 - 2013-06-12 20:15 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2013-08-24 17:43 - 2012-02-19 13:01 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2013-08-24 17:26 - 2013-08-24 17:26 - 00001931 _____ C:\Users\User\AppData\avast! Internet Security.lnk
2013-08-23 15:35 - 2010-07-14 17:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-23 15:30 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-08-23 15:04 - 2013-01-02 11:37 - 00000000 ____D C:\Users\User\AppData\Roaming\LumacDaemon
2013-08-23 12:58 - 2012-09-19 10:30 - 00000000 ____D C:\Users\User\AppData\Local\Patience
2013-08-22 19:46 - 2012-11-27 14:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Vso
2013-08-22 06:24 - 2013-08-22 06:24 - 00000000 ____D C:\Users\Player\AppData\Local\BetterDesktopTool
2013-08-22 06:24 - 2013-08-22 06:16 - 00000000 ____D C:\Program Files (x86)\BetterDesktopTool
2013-08-22 06:16 - 2013-08-22 06:16 - 00000000 ____D C:\Users\User\AppData\Local\BetterDesktopTool
2013-08-22 04:45 - 2013-08-20 12:27 - 00000000 ____D C:\Users\User\AppData\Local\CTDSounds
2013-08-21 15:06 - 2013-08-21 15:06 - 00002693 _____ C:\Users\User\AppData\Lumac.lnk
2013-08-21 15:05 - 2013-08-21 15:05 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-08-21 08:29 - 2013-05-31 10:28 - 00000000 ___RD C:\Users\User\Google Drive
2013-08-20 12:29 - 2013-08-20 12:29 - 00000000 ____D C:\Users\User\AppData\Local\Harmony_Hollow_Software
2013-08-20 12:27 - 2013-08-20 12:27 - 00000000 ____D C:\Program Files (x86)\Cool Timer Deluxe

ZeroAccess:
C:\Windows\Installer\{0acb387b-50c4-7e8b-bfd2-67f1f8822f40}
C:\Windows\Installer\{0acb387b-50c4-7e8b-bfd2-67f1f8822f40}\@

Some content of TEMP:
====================
C:\Users\Player\AppData\Local\Temp\AQOle32.dll
C:\Users\Player\AppData\Local\Temp\AQShell32.dll
C:\Users\Player\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\User\AppData\Local\Temp\AQOle32.dll
C:\Users\User\AppData\Local\Temp\AQShell32.dll
C:\Users\User\AppData\Local\Temp\JIntellitype.dll
C:\Users\User\AppData\Local\Temp\proxy_vole4357746667509323487.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-06 22:15

==================== End OfFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013
Ran by User at 2013-09-19 17:47:15
Running from C:\Users\User\AppData\Roaming\uTorrent\Computer\Daten(D)\Return.To.House.On.Haunted.Hill[2007][Unrated.Edition]DvDrip.AC3[Eng]-aXXo\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

%Autumn Paradise 3D% %1% (x32 Version: 1.00)
µTorrent (HKCU Version: 3.4.0.29785)
123 Free Solitaire 2011 v8.0 (x32)
3D Mühle 2.1 (x32)
7stacks 1.5 beta 2 (x32 Version: 1.4.24)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adblock IE 2.2 (Version: 2.2.1524)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Download Assistant (x32 Version: 1.2.3)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Aiseesoft PDF to Word Converter 3.1.8 (x32)
Amazon Kindle (HKCU)
Ant Renamer (x32 Version: 2.10.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Burning Studio 2013 v.11.0.5 (x32 Version: 11.0.5)
Ashampoo Gadge It v.1.0.1 (x32 Version: 1.0.1)
Ashampoo Snap 5 v.5.1.5 (x32 Version: 5.1.5)
AstroMenace version 1.3.1 (x32)
Atomic Alarm Clock 6.12
AudibleManager (x32 Version: 2001812718.48.56.34475242)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
BetterDesktopTool Version 1.62 (x32 Version: 1.62)
Big Solitaires 3D 1.4 (x32)
Butterfly on Desktop 1.0 (x32)
BVS Solitaire Collection version 7.1 (x32 Version: 7.1)
Calculator (HKCU)
calibre 64bit (Version: 0.9.34)
CameraHelperMsi (x32 Version: 13.51.815.0)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon Kurzwahlprogramm (x32)
Canon MP Navigator EX 5.1 (x32)
Canon MX370 series MP Drivers
Canon MX370 series On-screen Manual (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
Canon Utilities CameraWindow DC 8 (x32 Version: 8.8.0.17)
CCleaner (Version: 3.22)
CDBurnerXP (x32 Version: 4.5.1.4003)
CDDRV_Installer (Version: 4.60)
Celestia 1.6.1 (x32)
Cities of Earth 3D Screensaver v. 2.1 (x32)
Cool Timer Deluxe 1.0.6 (x32)
Core Temp version 0.99.8 (Version: 0.99.8)
Crystal Cubes 1.1 (x32 Version: 1.1)
CursorFX (x32 Version: 2.11)
CursorFX (x32 Version: 2.13)
Desktop iCalendar 2.0.0.290
Desktop-Wecker (x32 Version: 1.0.0)
DHTML Editing Component (x32 Version: 6.02.0001)
DirPrintOK (x32)
DisplayFusion 5.0.1 (x32 Version: 5.0.1.0)
Ditto (x32)
DriverAgent by eSupport.com
DROPCLOCK Screensaver (x32)
DruckStudio 1.13.119.448 (x32)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7)
Earth Screensaver HD  (x32 Version: Earth Screensaver HD)
EarthView (x32 Version: 4.3.0)
Easy Drive Data Recovery (x32 Version: 3.0)
EMDB 1.84 (x32)
erLT (x32 Version: 1.20.0137)
erLT (x32 Version: 1.20.138.34)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
FlashFolder (x32 Version: 1.9.181.0)
Folder Marker Home v 3.2 GAOTD Edition (Version: 3.2)
Free Address Book (x32 Version: 1.4.5)
Freemake Audio Converter Version 1.1.0 (x32 Version: 1.1.0)
Gmail Notifier Pro (x32 Version: 4.5.1.0)
Google Chrome (x32 Version: 29.0.1547.66)
Google Drive (x32 Version: 1.9.4536.8202)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Griffith 0.13.0 (x32 Version: 0.13.0)
IE7Pro (x32 Version: 2.5.1)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Jingle Keyboard (x32 Version: 2.4)
KhalInstallWrapper (Version: 2.00.0000)
Kits Configuration Installer (x32 Version: 8.59.25584)
K-Lite Codec Pack 7.0.0 (Standard) (x32 Version: 7.0.0)
LBreakout2 2.5.1 (x32 Version: 2.5.1)
leogeo_timebeat (x32)
loadtbs-3.0 (x32)
Logitech SetPoint (x32 Version: 4.80)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
Logitech Vid HD (x32 Version: 7.2 (7240))
Logitech Webcam-Software (x32 Version: 2.51)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.51.827.0)
LWS Help_main (x32 Version: 13.51.828.0)
LWS Launcher (x32 Version: 13.51.828.0)
LWS Motion Detection (x32 Version: 13.51.815.0)
LWS Pictures And Video (x32 Version: 13.51.815.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Webcam Software (x32 Version: 13.51.815.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
MailCheck 2 Version 2.74 (Build 353) (x32 Version: 2.74 (Build 353))
Mediencenter 3.6.0.1202 (HKCU Version: 3.6.0.1202)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Access database engine 2010 (German) (x32 Version: 14.0.6029.1000)
Microsoft Expression Web 4 (x32 Version: 4.0.1460.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 9.0.21022)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft WorldWide Telescope (x32 Version: 4.1.74)
Moorhuhn Remake (x32 Version: 1.00.0000)
MozBackup 1.5.1 (x32)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mp3tag v2.57 (x32 Version: v2.57)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
Nexus 12.2 (x32)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19)
NVIDIA 3D Vision Controller-Treiber 310.90 (Version: 310.90)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
ObjectDock Free (x32 Version: 2.0)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Paragon Backup and Recovery™ 12 Compact (x32 Version: 90.00.0003)
Paragon Festplatten Manager™ 12 Essentials (x32 Version: 90.00.0003)
Path Copy Copy 11.0.1
Patience 2.51 (x32)
PDFZilla V1.2.11 (x32)
PhrozenSoft VirusTotal Uploader version 2.2 (x32 Version: 2.2)
Picasa 3 (x32 Version: 3.9)
Platform (x32 Version: 1.34)
PySol Fan Club edition v.2.0 (x32)
Rainmeter (x32 Version: 3.0 beta r2022)
RAMDisk (x32 Version: 4.1.0.24)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Revo Uninstaller Pro 3.0.2 (Version: 3.0.2)
RocketDock 1.3.5 (x32)
Sandboxie 4.04 (64-bit) (Version: 4.04)
Seam Carving GUI Win32 1.11 (x32)
Skype™ 6.3 (x32 Version: 6.3.107)
SliderDock (x32)
SolSuite 2012 v12.1 (x32)
Space Invaders OpenGL (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Start Killer (Version: 3.2)
Start Menu X Version 4.87 (Version: 4.87)
Startpage24 (x32 Version: 2.0.0.882)
Sticky Password 5.0.17.267 (x32 Version: 5.0)
SuperTetrix (x32)
Swiss Railway Clock (x32 Version: 3.01.0620)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.16447)
TeraCopy 2.27
TotalImageConverter (x32 Version: 2.5)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73)
TVgenial 4.10 (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
UpdateYeti (x32 Version: 2.0)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
VideoPad Video Editor (x32)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.7 (Version: 2.0.7)
VLC media player 2.0.8 (x32 Version: 2.0.8)
VSO ConvertXtoDVD v5.0.0.45 FINAL (x32 Version: 5.0.0.45)
VSO Downloader 2.9.10.4 (x32 Version: 2.9.10.4)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Client Runtime (Version: 7.250.4226.0)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows Software Development Kit (x32 Version: 8.59.29750)
Windows Software Development Kit EULA (x32 Version: 8.59.25584)
Windows7FirewallControl (x64) 5.2.18.33 (Version: 5.2.18.33)
WinISO (x32 Version: 6.3.0.4905)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
WinX Free MP4 to AVI Converter 4.1.15 (x32)
WISO Konto Online 2013 (x32 Version: 15.5.0.59)
WPT Redistributables (x32 Version: 8.59.29750)
WPTx64 (x32 Version: 8.59.29722)
Xara Web Designer 9 Premium (Version: 9.0.1.27404)
YoWindow (x32 Version: 3)

==================== Restore Points  =========================

12-09-2013 10:37:52 WHP 5
13-09-2013 09:12:13 Windows Update
15-09-2013 09:45:19 WHP 6
15-09-2013 10:39:24 Revo Uninstaller Pro's restore point - avast! Internet Security
15-09-2013 10:40:50 avast! Internet Security Setup
15-09-2013 10:51:07 avast! Free Antivirus Setup
15-09-2013 14:05:38 Revo Uninstaller Pro's restore point - Rainlendar2 (remove only)
17-09-2013 19:44:34 Revo Uninstaller Pro's restore point - Spotify
18-09-2013 13:03:38 Revo Uninstaller Pro's restore point - Sandboxie 4.04 (64-bit)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-10-26 20:14 - 00000054 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {04A0FB92-3411-4909-9C56-F919529625B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {140270A0-9B66-4B65-B419-C0EE3C32A9DA} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4130873738-3054959996-451904198-1014
Task: {19396E58-59FB-4308-AC6C-A019F214A0BB} - System32\Tasks\Hausarzt
Task: {1D1A02BA-BB9F-4061-8951-5C780A9C7300} - System32\Tasks\SpottyFiles Update => C:\Program Files (x86)\SpottyFiles\SpottyFilesUpdater.exe
Task: {25093BE5-7EFF-4A12-85D6-4E57122D45CA} - System32\Tasks\Core Temp Autostart User => C:\Program Files\Core Temp\Core Temp.exe [2010-10-03] ()
Task: {294E69E2-D3D2-4831-9DBD-882E833BC971} - System32\Tasks\{58F829F6-9A19-4A17-822E-C2B532A84F3A} => C:\Users\User\Programm-EXE\RK_Launcher_04_Beta\RKLauncher.exe
Task: {29BFEA83-9755-48D3-B512-99661A427353} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {4686ED4F-7EEF-48A1-8325-63A0AED7F761} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {4E639158-DA8F-49E1-B106-BBD569DC60AD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4FF0048A-C7BF-458E-AF35-CE88E0FEA070} - System32\Tasks\Stefan
Task: {53BDCEC6-2690-4836-9F78-3456DA909DA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {657249CA-CE51-4E4E-BFE3-36248482A39D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {7187E079-3254-4C01-9573-AA13C4632E3E} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [2013-07-03] ()
Task: {746713F4-257E-4022-9467-D076CB18B010} - System32\Tasks\WPD\SqmUpload_S-1-5-21-4130873738-3054959996-451904198-1004 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation)
Task: {87632AFD-290A-451B-8D1F-CF6A9FC43817} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4130873738-3054959996-451904198-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {879514E6-B7DD-41C0-9FF2-440741B4F4CB} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {9126EC33-7E13-4833-A146-8FE568A1EFC1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {95022651-9177-4B34-8AEA-31B5C7E83A44} - System32\Tasks\Google Updater and Installer => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {95B8F9AA-3EED-48D7-8A36-1DF9AE5DB69E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4130873738-3054959996-451904198-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A83F1493-6CC4-467A-B890-4C49E40E9681} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {B0217143-8CE7-405F-9940-834DE4F89C5A} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2012-11-22] (NCH Software)
Task: {B42D66DC-CCBA-4E0C-A872-22E26E857856} - System32\Tasks\Paragon Archive name diff_300813041740867 => C:\Program Files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\scripts.exe
Task: {CBF6D131-8776-41F8-B0FF-E2CF3A687CCC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4130873738-3054959996-451904198-1004
Task: {DE3968B7-9FE1-497B-8CAD-FBD0DFFD4E83} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {E34E4C33-E32D-4245-A66C-37697C2010E1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {EBBD1D8B-9E1E-418A-95AE-66327AAE1AD5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {F429B5A4-A774-4766-8BD1-3E97C81846CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-25] (Adobe Systems Incorporated)
Task: {F58DD130-D1C2-44D8-88A3-8086CC7D7092} - System32\Tasks\Paragon Archive name diff_110913121931221 => C:\Program Files (x86)\Paragon Software\Backup and Recovery 12 Compact\program\scripts.exe [2012-10-31] (Paragon Software Group)
Task: {F87A2888-BED5-41C3-8E85-E8EAF8652365} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {FDEAE4A9-8EC9-4751-9B2A-A635F1442081} - System32\Tasks\Hallo
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Paragon Archive name diff_110913121931221.job => C:\Program Files (x86)\Paragon Software\Backup and Recovery 12 Compact\program\scripts.exe
Task: C:\Windows\Tasks\Paragon Archive name diff_300813041740867.job => C:\Program Files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\scripts.exe

==================== Loaded Modules (whitelisted) =============

2013-06-29 17:51 - 2013-06-28 16:22 - 00101696 _____ (OrdinarySoft.) C:\Program Files\Start Menu X\StartMenuXHook.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00776704 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.dll
2012-06-13 07:49 - 2013-02-26 01:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-10 18:42 - 2010-03-24 20:33 - 00633200 _____ (Stardock) E:\ObjectDockPlus2\ODMenu64.dll
2011-06-24 05:24 - 2011-06-24 05:24 - 00057208 _____ () C:\Program Files\StartKiller\ASHook.dll
2013-07-03 11:27 - 2013-06-07 20:20 - 01875968 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2013-06-27 07:16 - 2013-04-17 17:12 - 00222064 _____ (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx64_10928CA5-82ED-4199-B300-0A98F13DD609.dll
2012-10-01 20:36 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-07-02 00:32 - 2011-10-26 17:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-05-15 11:18 - 2013-04-13 07:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
2013-07-02 23:34 - 2013-07-02 23:34 - 00018944 _____ (Orbmu2k) C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\nvidia20.gadget\NvApiReader.dll
2012-05-23 22:07 - 2013-02-26 01:32 - 02826040 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-07 19:45 - 2013-05-16 17:49 - 00163328 _____ (DDay Software - ddaysoftware.com) C:\Program Files\desksware\Desktop iCalendar\DDay.iCal.dll
2013-07-07 19:45 - 2013-05-16 17:49 - 00106496 _____ (ANTLR) C:\Program Files\desksware\Desktop iCalendar\antlr.runtime.dll
2013-07-07 19:45 - 2013-05-16 17:49 - 00368128 _____ (Newtonsoft) C:\Program Files\desksware\Desktop iCalendar\Newtonsoft.Json.Net35.dll
2013-07-08 13:29 - 2013-09-17 18:43 - 00456280 _____ (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieDll.dll
2012-06-12 13:29 - 2009-05-26 17:53 - 00096272 _____ (Logitech, Inc.) C:\Windows\system32\KemXML.dll
2012-06-12 13:29 - 2009-05-26 17:52 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\kemutb.dll
2012-06-12 13:29 - 2009-05-26 17:53 - 00235536 _____ (Logitech, Inc.) C:\Windows\system32\KemUtil.dll
2012-06-12 13:29 - 2009-05-26 17:53 - 00159248 _____ (Logitech, Inc.) C:\Windows\system32\KemWnd.dll
2012-06-12 13:29 - 2009-05-26 17:53 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00735416 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00062976 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2013-07-21 17:55 - 2013-07-21 17:55 - 00013824 _____ () C:\Program Files\Rainmeter\Plugins\Perfmon.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00010240 _____ () C:\Program Files\Rainmeter\Plugins\WindowMessagePlugin.dll
2013-07-21 17:55 - 2013-07-21 17:55 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2013-07-21 17:56 - 2013-07-21 17:56 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2013-07-21 17:57 - 2013-07-21 17:57 - 00028160 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2013-07-21 17:56 - 2013-07-21 17:56 - 00014336 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.dll
2010-01-30 19:49 - 2011-10-24 19:00 - 00067728 _____ () C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll
2012-05-10 03:40 - 2012-05-10 03:40 - 00037520 _____ ( ) C:\Program Files (x86)\Stardock\CursorFX\CurXP0.dll
2013-05-22 00:03 - 2013-07-31 17:53 - 01852728 _____ (Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spCapBtn.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00675840 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
2013-08-13 06:51 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-02-08 10:34 - 2012-11-07 16:18 - 04367240 _____ (Ashampoo) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ash_inet2.dll
2013-02-08 10:34 - 2012-08-03 14:29 - 02511256 _____ (PDFlib GmbH) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\pdflib.dll
2013-02-08 10:34 - 2012-08-03 14:29 - 00042904 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\MouseHook.dll
2013-06-27 07:16 - 2013-04-17 17:12 - 00190320 _____ (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx86_0C7FE6AB-A31F-4B94-A3C1-183431B7E8A4.dll
2013-07-27 20:48 - 1999-12-29 16:58 - 00011264 ___SH () C:\Program Files (x86)\Jingle Keyboard\keybhook.DLL
2013-09-09 00:40 - 2013-09-08 21:47 - 00053248 _____ (RaduKing) E:\RK_Launcher_04_Beta\RKLauncher.dll
2013-04-20 11:01 - 2012-11-08 20:15 - 00039936 _____ (Ditto Utility Addin) C:\Program Files (x86)\Ditto\Addins\DittoUtil.dll
2013-09-17 07:30 - 2012-02-22 09:41 - 01085376 _____ () C:\Program Files (x86)\Winstep\wodTelnetDLX.dll
2013-09-17 07:30 - 2011-05-26 18:20 - 00025088 _____ (Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxMMTimer.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00807936 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
2010-10-04 19:54 - 2010-10-04 19:54 - 00053760 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
2013-08-25 23:29 - 2013-08-25 23:29 - 16230792 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_94.ocx
2013-09-09 00:40 - 2013-09-08 21:47 - 00065536 _____ (RaduKing) E:\RK_Launcher_04_Beta\YzDocklet.dll
2013-09-09 00:40 - 2013-09-08 21:47 - 00024576 _____ (RaduKing) E:\RK_Launcher_04_Beta\RKDocklet.dll
2012-05-04 08:31 - 2013-07-31 17:53 - 01327928 _____ (Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spIEBho.dll
2013-09-04 01:58 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 01:58 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 01:58 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 01:58 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 01:58 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-05-22 00:03 - 2013-07-31 17:53 - 00635704 _____ (Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\npspAutofill.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\User:zylomtest
AlternateDataStreams: C:\Users\User:zylomtr{000HQ7FF-AD7A-3FG3-VK8A-25GG67KOIVUV}


==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor) - avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: WAN-Miniport (IPv6) - avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: I:\
Description: Storage Device  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: NVIDIA nForce 10/100 Mbps Ethernet  - avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: WAN-Miniport (IP) - avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2013 04:30:56 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/19/2013 00:00:07 PM) (Source: Chrome) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.66;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\4b09ea9d-b8ee-4679-a89b-9aaff3d8f436.dmp

Error: (09/19/2013 10:35:20 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/19/2013 03:58:25 AM) (Source: Chrome) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.66;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\c1479489-b1da-4292-89cf-b35db8ef1e3f.dmp

Error: (09/19/2013 03:24:09 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/18/2013 10:01:52 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/18/2013 03:03:38 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {053a0dab-887e-4d7b-8a5c-bc465292577c}

Error: (09/18/2013 02:37:48 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/18/2013 03:24:13 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.

Error: (09/17/2013 09:44:33 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7f463662-82c4-4974-a165-9afc5a20cacb}


System errors:
=============
Error: (09/19/2013 05:45:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (09/19/2013 05:45:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (09/19/2013 05:45:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (09/19/2013 05:45:25 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.

Error: (09/19/2013 05:45:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (09/19/2013 05:45:05 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.

Error: (09/19/2013 05:41:04 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.

Error: (09/19/2013 05:36:57 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.

Error: (09/19/2013 05:36:06 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.

Error: (09/19/2013 05:34:39 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 1203.


Microsoft Office Sessions:
=========================
Error: (09/19/2013 04:30:56 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/19/2013 00:00:07 PM) (Source: Chrome)(User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.66;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\4b09ea9d-b8ee-4679-a89b-9aaff3d8f436.dmp

Error: (09/19/2013 10:35:20 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/19/2013 03:58:25 AM) (Source: Chrome)(User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=29.0.1547.66;lang=;id=;is_machine=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\c1479489-b1da-4292-89cf-b35db8ef1e3f.dmp

Error: (09/19/2013 03:24:09 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2013 10:01:52 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2013 03:03:38 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {053a0dab-887e-4d7b-8a5c-bc465292577c}

Error: (09/18/2013 02:37:48 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/18/2013 03:24:13 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Drive -- Error 1904. Module C:\Program Files (x86)\Google\Drive\googledrivesync64.dll failed to register.  HRESULT -2147023782.  Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/17/2013 09:44:33 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7f463662-82c4-4974-a165-9afc5a20cacb}


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 8191.37 MB
Available physical RAM: 3601.46 MB
Total Pagefile: 10237.55 MB
Available Pagefile: 4519.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:215.26 GB) (Free:118.73 GB) NTFS
Drive d: (Daten) (Fixed) (Total:61.9 GB) (Free:55.98 GB) NTFS
Drive e: (DRIVE-N-GO) (Fixed) (Total:310.63 GB) (Free:257.97 GB) FAT32
Drive f: (Laufwerk) (Fixed) (Total:155.02 GB) (Free:81.06 GB) NTFS
Drive h: (System-reserviert) (Fixed) (Total:2.3 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive r: (RAM-Disk) (Fixed) (Total:1.97 GB) (Free:1.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 279 GB) (Disk ID: BB04A44D)
Partition 1: (Not Active) - (Size=215 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=62 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: A75B10F4)
Partition 1: (Active) - (Size=311 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=155 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

--- --- ---
Hallo Schrauber, hier sind die Teile. Gruß Sepp

schrauber · 19.09.2013, 21:29

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Sepp3142 · 19.09.2013, 22:18

Hallo Schrauber, diese Combofix.exe hat Virus. Ich werde sie nicht installieren. Gruß Sepp3124

schrauber · 20.09.2013, 11:14

Bullshit, die Datei ist von uns aus der Community und wird am Tag 1 milliarde mal genutzt. Ich würd mal das Antivirenprogram abschalten das diesen Stuss meldet

Sepp3142 · 20.09.2013, 11:28

Hallo Schrauber, du sagst Bullshit. Sieh mal hier und sag mir, daß das harmlos ist..Scan von Virustotal 19.09., 8 Treffer. Du mußt verstehen, daß ich da skeptisch bin. Gruß Sepp3124

schrauber · 20.09.2013, 11:33

Was genau lädst du hoch? die Combofix.exe? Die ist sauber. schau dich en bissl um, schau vielleicht in die knapp 200 posts die ich heut schon gemacht hab, und wieviel tausend User täglich Combofix anwenden nach Anleitung. Das Ding ist sauber.

Zeig mal den Link zum Virustotal Ergebnis.

Wenn Du Combofix auber runterlädst und nit auf die Werbung klickst passt das. Entweder Combofix oder Formatieren. Ich kann aus der Ferne sonst nix machen.

Sepp3142 · 20.09.2013, 11:49

Hallo Schrauber ,hier ist der Link. https://www.virustotal.com/de/file/09d48b2958803957c05ed93223b35f765061b03a1cea2e6ef1514c4bcbaf078d/analysis/ .Ich hab´die .exe direkt von combofix runtergeladen.

schrauber · 20.09.2013, 15:36

Fehlalarme

20.09.2013, 11:14	#6
schrauber /// the machine /// TB-Ausbilder	Firewall blockt .exe Datei Bullshit, die Datei ist von uns aus der Community und wird am Tag 1 milliarde mal genutzt. Ich würd mal das Antivirenprogram abschalten das diesen Stuss meldet __________________ --> Firewall blockt .exe Datei

20.09.2013, 15:36	#10
schrauber /// the machine /// TB-Ausbilder	Firewall blockt .exe Datei Fehlalarme __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Firewall blockt .exe Datei

Plagegeister aller Art und deren Bekämpfung: Firewall blockt .exe Datei