Pests of all kinds and how to combat them: Windows 7: Trojan - ClickCompare
Windows 7: If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
07.11.2013, 09:20 | #16 |
/// the machine /// TB-Ausbilder | Do you connect with a Google account?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate. Guides and help. Trojaner-Board Facebook page. No help via PM! |
07.11.2013, 16:39 | #17 |
Yes, I connect with a Google account so that it syncs with my Samsung. But I had actually been doing that before as well. Since the virus cleanup, a window always appears after the crash: Chrome has crashed - Restart? |
08.11.2013, 10:11 | #18 |
/// the machine /// TB-Ausbilder | The junk has synced itself with the account; every time you connect the account, it comes back into Chrome. Connect the account, then delete everything in Chrome's settings. |
09.11.2013, 13:14 | #19 |
Unfortunately that didn't help either. It still crashes occasionally. |
10.11.2013, 07:01 | #20 |
/// the machine /// TB-Ausbilder | Chrome? When? Only when you have e.g. videos/Flash running, or when?
10.11.2013, 17:35 | #21 |
Yes, Chrome exactly, and actually at completely different times, so I don't think it has anything to do with Flash. Could it be that something is still lodged somewhere in the computer, or that we deleted something wrong? The error message also looks a bit odd somehow; I'll just take a screenshot for you next time. |
10.11.2013, 19:54 | #22 |
/// the machine /// TB-Ausbilder | Yes, a screenshot please.
11.11.2013, 16:15 | #23 |
Here you go - the screenshot. |
12.11.2013, 10:09 | #24 |
/// the machine /// TB-Ausbilder | Please send me a PM this evening as a reminder. I can't see the screenshot at work.
12.11.2013, 23:38 | #25 |
/// the machine /// TB-Ausbilder | Ah, now I see it. All right. Please open FRST, tick Additional and scan, then post both log files.
13.11.2013, 16:15 | #26 |
Wonderful. As I read it, Chrome is reporting some errors there. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2013 Ran by Daniel at 2013-11-13 16:14:40 Running from C:\Users\Daniel\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: F-Secure Client Security 9.32 (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: F-Secure Client Security 9.32 (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: F-Secure Internet Security 2011 10.51 (Disabled) {2D7AC0A6-6241-D774-E168-461178D9686C} ==================== Installed Programs ====================== 2.0 (x32) 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe AIR (x32 Version: 3.8.0.870) Adobe Community Help (x32 Version: 3.5.23) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Photoshop Elements 10 (x32 Version: 10.0) Adobe Photoshop Lightroom 3.2 64-bit (Version: 3.2.1) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Ashampoo Burning Studio Elements 10.0.9 (x32 Version: 3.1.1) ASUS MultiFrame (x32 Version: 1.0.22) Audacity 2.0.3 (x32 Version: 2.0.3) AVM FRITZ!WLAN (x32) BenVista PhotoZoom Pro 5.0.6 (HKCU Version: 5.0.6) Bonjour (Version: 3.0.0.10) Borland Delphi 7 (x32 Version: 7.0) Camtasia Studio 7 (x32 Version: 7.0.1) CCleaner (Version: 3.20) Corel Applications (x32) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dell Dock (Version: 2.0) Dell Dock (x32) Dell Edoc Viewer (Version: 1.0.0) Dell Getting Started Guide (x32 Version: 1.00.0000) Dell System Detect (HKCU Version: 5.3.2.10) Die ersten 10 Jahre (x32 Version: 1.00.0000) Die Gilde Gold-Edition 
(x32 Version: 2.06) DirectXInstallService (x32 Version: 9.0.2) Dropbox (HKCU Version: 2.0.22) Elements 10 Organizer (x32 Version: 10.0) EPSON Printer Software EPSON Scan (x32) Euro Truck Simulator 1.00 (x32 Version: 1.00) FIFA 12 (x32 Version: 1.0.0.0) FileZilla Client 3.7.3 (x32 Version: 3.7.3) Folderico 4.0 RC12 (x32 Version: 4.0 RC12) Formatwandler 4 SE (x32 Version: 4.0.11.615) Franzis 3D-Eisenbahnplaner 11 (x32) F-Secure Client Security - AntiVirus & AntiSpy-Schutz (x32 Version: 9.30) F-Secure Client Security - Browser-Schutz (x32 Version: 1.10.1015) F-Secure Client Security - DeepGuard (x32 Version: 3.00.203) F-Secure Client Security - Web-Datenverkehr-Scanning (x32 Version: 2.01.2450) F-Secure Gerätesteuerung (x32 Version: 1.00.17436) GeForce Experience NvStream Client Components (Version: 1.6.28) GIMP 2.8.2 (Version: 2.8.2) Google Chrome (x32 Version: 30.0.1599.101) Google Earth (x32 Version: 7.0.1.8244) Google Update Helper (x32 Version: 1.3.21.165) Harry Potter und die Heiligtümer des Todes™ - Teil 1 (x32 Version: 1.0.0.0) Hauppauge MCE CI Plugin (x32) Hauppauge TV Tuner Diagnostics (1.2.7076) (x32 Version: 1.2.7076) HCW85 Driver Installer (x32 Version: 2.1.27205) HotPotatoes v 6.3.0.4 (x32) iCloud (Version: 3.0.2.163) Incomedia WebSite X5 v9 - Smart (x32 Version: 9.0.0.1654) Intel(R) Control Center (x32 Version: 1.2.0.1006) Intel(R) Rapid Storage Technology (x32 Version: 9.5.0.1037) Internet-TV für Windows Media Center (x32 Version: 4.2.2.0) iTunes (Version: 11.1.1.11) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Junk Mail filter update (x32 Version: 15.4.3502.0922) LifeFrame2 (x32 Version: 2.0.22) MAGIX Foto Manager 10 (x32 Version: 8.0.1.136) MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.6) MAGIX Web Designer 6 (x32 Version: 6.0.1.17005) MAGIX Xtreme Foto & Grafik Designer 5 (Silver) (x32 Version: 5.1.2.15876) Medieval II Total War (x32 Version: 1.03.000) Medieval II Total War : Kingdoms : Americas (x32 Version: 
1.03.000) Medieval II Total War : Kingdoms : Britannia (x32 Version: 1.03.000) Medieval II Total War : Kingdoms : Crusades (x32 Version: 1.03.000) Medieval II Total War : Kingdoms : Teutonic (x32 Version: 1.03.000) Mesh Runtime (x32 Version: 15.4.5722.2) Messenger Companion (x32 Version: 15.4.3502.0922) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (German) 
2010 (x32 Version: 14.0.7015.1000) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000) Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42) Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Train Simulator (x32) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Windows Media Video 9 VCM (x32) Microsoft Works (x32 Version: 9.7.0621) Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1) Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) MobileMe Control Panel (Version: 3.1.8.0) Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0) Mozilla Maintenance Service (x32 Version: 25.0) MSVC80_x64_v2 (Version: 1.0.3.0) MSVC80_x86_v2 (x32 Version: 1.0.3.0) MSVC90_x64 (Version: 1.0.1.2) MSVC90_x86 (x32 Version: 1.0.1.2) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 
4.30.2117.0) Multimedia Card Reader (x32 Version: 1.4.915.1) My Dell (Version: 3.4.6308.28) Need for Speed Underground 2 (x32) Notepad++ (x32 Version: 5.8) NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65) NVIDIA 3D Vision Treiber 331.65 (Version: 331.65) NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1) NVIDIA Grafiktreiber 331.65 (Version: 331.65) NVIDIA Install Application (Version: 2.1002.140.952) NVIDIA LED Visualizer 1.0 (Version: 1.0) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165) NVIDIA Systemsteuerung 331.65 (Version: 331.65) NVIDIA Update 9.3.21 (Version: 9.3.21) NVIDIA Update Components (Version: 9.3.21) NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9) Origin (x32 Version: 9.0.15.65) Paint.NET v3.5.10 (Version: 3.60.0) PDF24 Creator 4.2.0 (x32) PerfectDisk 10 Professional (Version: 10.0.116) PhotoScape (x32) PlayReady PC Runtime amd64 (Version: 1.3.0) PowerDVD DX (x32 Version: 8.3.6029) Prince of Persia T2T (x32 Version: 1.00.999) Prince of Persia The Sands of Time (x32 Version: 1.00.181) Prince of Persia The Two Thrones (x32 Version: 1.00.999) Prince of Persia Warrior Within (x32 Version: 1.00.999) PSE10 STI Installer (x32 Version: 10.0) QuickTime (x32 Version: 7.74.80.86) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5953) Rettungswagen Simulator 2012 (x32) RocketDock 1.3.5 (x32) RollerCoaster Tycoon 3 (x32) Samsung Kies (x32 Version: 2.5.0.12114_1) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.24.0) SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (x32 Version: 13.0.4.705) Secunia PSI (3.0.0.3001) (x32 Version: 3.0.0.3001) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) ShareKM 1.0.19 (x32 Version: 1.0.19) SHIELD Streaming (Version: 1.6.53) SHIFT 2 UNLEASHED™ (x32 Version: 1.0.0.0) SimCity 4 Deluxe (x32) Skype™ 6.6 (x32 Version: 6.6.106) 
Soda PDF 5 (x32 Version: 5.0.131.9113) soft Xpansion Perfect PDF 5 Premium (x32 Version: 5.0) Steam (x32 Version: 1.0.0.0) Steganos Privacy Suite 12 (x32 Version: 12.1.1) Steganos Privacy Suite 2012 (x32 Version: 13.0.5) Stronghold (x32 Version: 1.20.0000) Stronghold 2 (x32 Version: 1.40.1000) Stronghold Crusader Extreme (x32 Version: 1.20.0000) Stronghold Legends (x32 Version: 1.20.0000) TeamViewer 7 (x32 Version: 7.0.14484) Test Drive Unlimited (x32 Version: 1.00.0000) THX TruStudio PC (x32 Version: 1.0) Ticket to Ride (x32) TimeComX Basic (32-Bit) (x32 Version: 1.3.2.4) TmUnitedForever (x32) TuneUp Utilities 2012 (x32 Version: 12.0.3600.151) TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4) TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.151) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for 
Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) USBLogon 1.5.0.0 (Version: 1.5.0.0) VirtualDJ Home FREE (x32 Version: 7.0.4) VLC media player 2.0.2 (x32 Version: 2.0.2) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Family Safety (Version: 15.4.3555.0308) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) 
Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Media Encoder 9 Series (x32 Version: 9.00.2980) Windows Media Encoder 9 Series (x32) Windows XP Mode (Version: 1.3.7600.16422) ==================== Restore Points ========================= 09-11-2013 11:45:35 Windows Update 12-11-2013 14:55:50 Windows Update 12-11-2013 18:08:02 Installed LifeFrame2 12-11-2013 18:19:18 Installed ASUS MultiFrame ==================== Hosts content: ========================== 2011-10-24 13:01 - 2013-11-02 19:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {01737C47-928A-458F-8C4A-779F0A3DF882} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {0A886F4C-5902-40E0-92A1-F9B349A54A90} - System32\Tasks\TWIN 7 Live-Update => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe Task: {0B417F8F-332F-48F9-A96C-EC3C4EE40EC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {2E826256-A2DB-4575-B757-C7545D9213F8} - System32\Tasks\TWIN 7 1-Klick-Optimierung => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe Task: {43C7F0A9-2C58-4396-A0B3-06E5119363E8} - System32\Tasks\{A05D14E6-C937-4854-9616-0DA1DCA06FB1} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.) Task: {4FD6F98F-00F9-4873-B434-731330B2A7FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.) Task: {586E3BE1-38FD-42A5-8E5A-610A3C018D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {676EB4AE-2DDB-4E5B-ABFF-6351AA872B6C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2013-10-22] (TuneUp Software) Task: {6CCE4CEB-ECCA-48FB-A4ED-777C13AA1131} - System32\Tasks\Google Updater and Installer => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe Task: {719D66C2-8E8A-4294-B298-4DAB45F1D361} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-06] (PC-Doctor, Inc.) Task: {8BE48F83-A861-40C4-8902-F22FBEB28374} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd) Task: {91B80476-F1B8-4489-94C5-76265197A7F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.) Task: {A30A7DAB-8AF0-4C6F-B2AA-C5BEA45E1DF1} - System32\Tasks\{68F0DC71-ED5A-47F4-A90D-BD88B58E9275} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/es/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent Task: {AFA5AB68-918A-41C8-B517-9C29A930815A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {B6DD0240-B173-4894-BAD9-C6AC28177827} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe Task: {E53C5BCF-5BDA-44E7-B691-F3BA5810A9E3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.) 
Task: {E54A43A7-B5B9-4513-BE78-9AD79572C138} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\Anti-Virus\fsav.exe [2012-06-26] (F-Secure Corporation) Task: {F49D6357-D728-4CDA-AA11-DBB081D749EF} - System32\Tasks\AdobeAAMUpdater-1.0-Daniel-PC-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {FB4737D6-DEF9-4218-A4D3-BA2689C178C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12] (Adobe Systems Incorporated) Task: {FE355981-5699-42DC-BD1E-DC2119AB30A4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\Anti-Virus\fsav.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-05-29 22:01 - 2009-10-02 12:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00208624 _____ () c:\program files (x86)\f-secure\daas2\daas2.dll 2012-10-14 20:46 - 2012-10-14 20:46 - 00030888 _____ () C:\Program Files 
(x86)\F-Secure\Anti-Virus\minifilter\hashlib_x86.dll 2012-10-14 20:41 - 2013-07-02 09:52 - 00945088 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\fm4av.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00036864 _____ () C:\Program Files (x86)\F-Secure\Anti-Virus\FSAVHRES.eng 2012-01-22 14:45 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00442096 _____ () C:\Program Files (x86)\F-Secure\FSGUI\about.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00089840 _____ () C:\Program Files (x86)\F-Secure\FSGUI\aboutres.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00086016 _____ () C:\Program Files (x86)\F-Secure\FSGUI\strres.eng 2012-10-14 20:41 - 2012-06-26 17:25 - 00552688 _____ () C:\Program Files (x86)\F-Secure\FSGUI\gres.dll 2012-10-14 20:41 - 2012-06-26 17:25 - 00045056 _____ () C:\Program Files (x86)\F-Secure\FSGUI\fsavures.eng 2013-04-04 00:09 - 2013-04-04 00:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2010-10-20 16:08 - 2010-10-20 16:08 - 00122720 _____ () C:\Program Files (x86)\Microsoft Office\Office14\OUTLCTL.DLL 2012-11-23 15:34 - 2012-11-23 15:34 - 00035200 _____ () C:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll 2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2013-11-04 15:46 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll 2013-11-04 15:46 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll 2013-11-04 15:46 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll 2013-11-04 15:46 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll 2013-11-04 15:46 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll 2013-11-04 15:46 - 2013-10-09 01:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:0888F409 AlternateDataStreams: C:\ProgramData\TEMP:2BE9FEFC ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/06/2013 04:40:41 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 30.0.1599.101, Zeitstempel: 0x52547456 Name des fehlerhaften Moduls: chrome.dll, Version: 30.0.1599.101, Zeitstempel: 0x525473d5 Ausnahmecode: 0x80000003 Fehleroffset: 0x0074f635 ID des fehlerhaften Prozesses: 0x2f14 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (11/04/2013 05:59:36 PM) (Source: NvStreamSvc) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (11/04/2013 05:59:36 PM) (Source: NvStreamSvc) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (11/04/2013 08:35:34 AM) (Source: Chrome) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. 
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92abe88f-d7e0-4a75-94b9-4cce098d2029.dmp Error: (11/04/2013 08:29:08 AM) (Source: Chrome) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b3abee4c-b11e-48d2-a2df-199504113295.dmp Error: (11/04/2013 08:09:59 AM) (Source: Chrome) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1c3ea72a-e289-4e25-9852-ec5f82adbb6b.dmp Error: (11/03/2013 10:33:12 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/03/2013 07:11:04 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/03/2013 07:10:54 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
System errors: ============= Error: (11/13/2013 03:55:09 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{47FBFDEF-B1B7-48BC-A919-84905A8B6623}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (11/13/2013 03:43:11 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{47FBFDEF-B1B7-48BC-A919-84905A8B6623}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (11/13/2013 03:42:38 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UimBus Uim_IM Error: (11/13/2013 03:42:35 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/12/2013 10:28:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst Steganos Volatile Disk konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (11/12/2013 10:21:08 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UimBus Uim_IM Error: (11/12/2013 10:21:07 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/12/2013 10:18:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst Steganos Volatile Disk konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error: (11/12/2013 09:54:49 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UimBus Uim_IM Error: (11/12/2013 09:54:48 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (11/06/2013 04:40:41 PM) (Source: Application Error)(User: ) Description: chrome.exe30.0.1599.10152547456chrome.dll30.0.1599.101525473d5800000030074f6352f1401cedb049d6f60bbC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dllca03df8d-46f9-11e3-9f60-001c4aff6db0 Error: (11/04/2013 05:59:36 PM) (Source: NvStreamSvc)(User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (11/04/2013 05:59:36 PM) (Source: NvStreamSvc)(User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (11/04/2013 08:35:34 AM) (Source: Chrome)(User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92abe88f-d7e0-4a75-94b9-4cce098d2029.dmp Error: (11/04/2013 08:29:08 AM) (Source: Chrome)(User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\b3abee4c-b11e-48d2-a2df-199504113295.dmp Error: (11/04/2013 08:09:59 AM) (Source: Chrome)(User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. 
ver=30.0.1599.101;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1c3ea72a-e289-4e25-9852-ec5f82adbb6b.dmp Error: (11/03/2013 10:33:12 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (11/03/2013 07:11:04 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe Error: (11/03/2013 07:10:54 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Daniel\Desktop\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2013-11-02 19:20:11.628 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-11-02 19:20:11.478 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-28 22:54:49.961 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-08 15:50:51.601 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-08 15:29:02.656 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-07 19:26:31.321 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-07 17:17:21.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-05-05 17:42:43.974 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-05-05 15:54:28.516
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-05-03 18:04:09.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 8151.08 MB
Available physical RAM: 5009.68 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 12950.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1790.01 GB) (Free:518.7 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:63.02 GB) (Free:8.94 GB) NTFS
Drive e: (Webcam Series) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1800 GB) (Disk ID: 58000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-277014904832) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 63 GB) (Disk ID: DD34E22C)
Partition 1: (Not Active) - (Size=63 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2013
Ran by Daniel (administrator) on DANIEL-PC on 13-11-2013 16:13:34
Running from C:\Users\Daniel\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Common\FSHDLL32.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Raxco Software, Inc.)
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe (LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe (LULU Software) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe (Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe () C:\Program Files\USBLogon\usblonsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Common\FSHDLL64.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Common\FIH32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSM32.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (PC-Doctor, Inc.) 
C:\Program Files\My Dell\uaclauncher.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS MultiFrame\MultiFrame.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RunDLLEntry_THXCfg] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X] HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Policies\system: [DisableClock] 0 HKCU\...\Policies\system: [DisableLockWorkstation] 0 HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 
2009-12-01] (Creative Technology Ltd) HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [1454080 2006-12-28] (AVM Berlin) HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\F-Secure\common\FSM32.EXE [306928 2012-06-26] (F-Secure Corporation) HKLM-x32\...\Run: [F-Secure TNB] - C:\Program Files (x86)\F-Secure\FSGUI\tnbutil.exe [1654512 2012-06-26] (F-Secure Corporation) HKU\Gastkonto\...\Policies\system: [DisableLockWorkstation] 0 HKU\Gastkonto\...\Policies\system: [DisableClock] 0 HKU\Gastkonto\...\Policies\system: [LogonHoursAction] 2 HKU\Gastkonto\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 AppInit_DLLs: [ ] () Startup: C:\ProgramData\.zreglib () Startup: C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 () Startup: C:\ProgramData\Adobe () Startup: C:\ProgramData\Advanced Chemistry Development () Startup: C:\ProgramData\Anwendungsdaten () Startup: C:\ProgramData\Apple () Startup: C:\ProgramData\Apple Computer () Startup: C:\ProgramData\Application Data () Startup: C:\ProgramData\ashampoo () Startup: C:\ProgramData\ASUS () Startup: C:\ProgramData\Avery () Startup: C:\ProgramData\AVS4YOU () Startup: C:\ProgramData\BVRP Software () Startup: C:\ProgramData\Canneverbe Limited () Startup: C:\ProgramData\Caphyon () Startup: C:\ProgramData\Citrix () Startup: C:\ProgramData\Common Files () Startup: C:\ProgramData\Creative () Startup: C:\ProgramData\CyberLink () Startup: C:\ProgramData\DATA BECKER Downloads () Startup: C:\ProgramData\Dell () Startup: C:\ProgramData\Desktop () Startup: C:\ProgramData\Device () Startup: C:\ProgramData\Documents () Startup: C:\ProgramData\Dokumente () Startup: C:\ProgramData\EA Core () Startup: C:\ProgramData\Electronic Arts () Startup: C:\ProgramData\Engelmann Media () Startup: C:\ProgramData\EPSON () Startup: C:\ProgramData\EXPLAUNCHER () Startup: C:\ProgramData\F-Secure () Startup: C:\ProgramData\F-Secure uninstallationtool () Startup: C:\ProgramData\Favoriten () Startup: 
C:\ProgramData\Favorites () Startup: C:\ProgramData\FLEXnet () Startup: C:\ProgramData\Folderico () Startup: C:\ProgramData\fssg () Startup: C:\ProgramData\Google () Startup: C:\ProgramData\InstallMate () Startup: C:\ProgramData\InstallShield () Startup: C:\ProgramData\iolo () Startup: C:\ProgramData\Langenscheidt () Startup: C:\ProgramData\launcher () Startup: C:\ProgramData\Licenses () Startup: C:\ProgramData\MAGIX () Startup: C:\ProgramData\Malwarebytes () Startup: C:\ProgramData\Microsoft () Startup: C:\ProgramData\Microsoft Help () Startup: C:\ProgramData\Mozilla () Startup: C:\ProgramData\Nero () Startup: C:\ProgramData\Nokia () Startup: C:\ProgramData\NokiaInstallerCache () Startup: C:\ProgramData\NVIDIA () Startup: C:\ProgramData\NVIDIA Corporation () Startup: C:\ProgramData\Oracle () Startup: C:\ProgramData\Origin () Startup: C:\ProgramData\PC Suite () Startup: C:\ProgramData\PC-Doctor for Windows () Startup: C:\ProgramData\PCDr () Startup: C:\ProgramData\PCPitstop () Startup: C:\ProgramData\POP3Profiles () Startup: C:\ProgramData\POPWWPROFILES () Startup: C:\ProgramData\Publish Data () Startup: C:\ProgramData\RapidSolution () Startup: C:\ProgramData\Raxco () Startup: C:\ProgramData\regid.1986-12.com.adobe () Startup: C:\ProgramData\Roxio () Startup: C:\ProgramData\Samsung () Startup: C:\ProgramData\SecTaskMan () Startup: C:\ProgramData\Skype () Startup: C:\ProgramData\SlySoft () Startup: C:\ProgramData\soft Xpansion () Startup: C:\ProgramData\Solidshield () Startup: C:\ProgramData\Sonic () Startup: C:\ProgramData\Sony Ericsson () Startup: C:\ProgramData\Start Menu () Startup: C:\ProgramData\Startmenü () Startup: C:\ProgramData\Sun () Startup: C:\ProgramData\Sydatec () Startup: C:\ProgramData\TeamDrive () Startup: C:\ProgramData\TechSmith () Startup: C:\ProgramData\TEMP () Startup: C:\ProgramData\Templates () Startup: C:\ProgramData\Test Drive Unlimited () Startup: C:\ProgramData\TrackMania () Startup: C:\ProgramData\TuneUp Software () Startup: 
C:\ProgramData\Uninstall () Startup: C:\ProgramData\USBLogon () Startup: C:\ProgramData\Vorlagen () Startup: C:\ProgramData\VS Revo Group () Startup: C:\ProgramData\Z-Software () Startup: C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} () Startup: C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} () Startup: C:\ProgramData\{68AAD244-0F3A-4B81-8F06-916C1F5599BD} () Startup: C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} () Startup: C:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204} () Startup: C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} () Startup: C:\Users\Daniel\.borland () Startup: C:\Users\Daniel\.gimp-2.6 () Startup: C:\Users\Daniel\.gimp-2.8 () Startup: C:\Users\Daniel\.mediathek () Startup: C:\Users\Daniel\.thumbnails () Startup: C:\Users\Daniel\.VirtualBox () Startup: C:\Users\Daniel\Anwendungsdaten () Startup: C:\Users\Daniel\AppData () Startup: C:\Users\Daniel\Application Data () Startup: C:\Users\Daniel\AVM_Driver () Startup: C:\Users\Daniel\Contacts () Startup: C:\Users\Daniel\Cookies () Startup: C:\Users\Daniel\Desktop () Startup: C:\Users\Daniel\Documents () Startup: C:\Users\Daniel\Downloads () Startup: C:\Users\Daniel\Dropbox () Startup: C:\Users\Daniel\Druckumgebung () Startup: C:\Users\Daniel\Eigene Dateien () Startup: C:\Users\Daniel\Favorites () Startup: C:\Users\Daniel\InstallAnywhere () Startup: C:\Users\Daniel\Links () Startup: C:\Users\Daniel\Lokale Einstellungen () Startup: C:\Users\Daniel\Music () Startup: C:\Users\Daniel\Netzwerkumgebung () Startup: C:\Users\Daniel\ntuser.dat () Startup: C:\Users\Daniel\ntuser.dat.LOG1 () Startup: C:\Users\Daniel\ntuser.dat.LOG2 () Startup: C:\Users\Daniel\NTUSER.DAT_tureg_new.LOG1 () Startup: C:\Users\Daniel\NTUSER.DAT_tureg_new.LOG2 () Startup: C:\Users\Daniel\NTUSER.DAT_tureg_old () Startup: C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () Startup: 
C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{400f5122-410e-11e0-ae81-806e6f6e6963}.TM.blf () Startup: C:\Users\Daniel\NTUSER.DAT{400f5122-410e-11e0-ae81-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{400f5122-410e-11e0-ae81-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Daniel\ntuser.dat{66748323-1c94-11e3-9db3-001c4aff6db0}.TM.blf () Startup: C:\Users\Daniel\ntuser.dat{66748323-1c94-11e3-9db3-001c4aff6db0}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Daniel\ntuser.dat{66748323-1c94-11e3-9db3-001c4aff6db0}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{90f6707e-d804-11e1-8ed6-806e6f6e6963}.TM.blf () Startup: C:\Users\Daniel\NTUSER.DAT{90f6707e-d804-11e1-8ed6-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{90f6707e-d804-11e1-8ed6-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{bf15720f-4ebc-11e2-b7c2-001c4aff6db0}.TM.blf () Startup: C:\Users\Daniel\NTUSER.DAT{bf15720f-4ebc-11e2-b7c2-001c4aff6db0}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Daniel\NTUSER.DAT{bf15720f-4ebc-11e2-b7c2-001c4aff6db0}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Daniel\ntuser.ini () Startup: C:\Users\Daniel\ntuser.pol () Startup: C:\Users\Daniel\Pictures () Startup: C:\Users\Daniel\Podcasts () Startup: C:\Users\Daniel\Projekte () Startup: C:\Users\Daniel\Recent () Startup: C:\Users\Daniel\Saved Games () Startup: C:\Users\Daniel\Searches () Startup: C:\Users\Daniel\SendTo () Startup: C:\Users\Daniel\setup.exe (LionSea SoftWare ) Startup: C:\Users\Daniel\Startmenü () Startup: C:\Users\Daniel\Videos 
() Startup: C:\Users\Daniel\Virtual Machines () Startup: C:\Users\Daniel\VirtualBox VMs () Startup: C:\Users\Daniel\Vorlagen () Startup: C:\Users\Default\Anwendungsdaten () Startup: C:\Users\Default\AppData () Startup: C:\Users\Default\Application Data () Startup: C:\Users\Default\Desktop () Startup: C:\Users\Default\Documents () Startup: C:\Users\Default\Downloads () Startup: C:\Users\Default\Druckumgebung () Startup: C:\Users\Default\Eigene Dateien () Startup: C:\Users\Default\Favorites () Startup: C:\Users\Default\Links () Startup: C:\Users\Default\Local Settings () Startup: C:\Users\Default\Lokale Einstellungen () Startup: C:\Users\Default\Music () Startup: C:\Users\Default\My Documents () Startup: C:\Users\Default\NetHood () Startup: C:\Users\Default\Netzwerkumgebung () Startup: C:\Users\Default\NTUSER.DAT () Startup: C:\Users\Default\NTUSER.DAT.LOG () Startup: C:\Users\Default\NTUSER.DAT.LOG1 () Startup: C:\Users\Default\NTUSER.DAT.LOG2 () Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Default\Pictures () Startup: C:\Users\Default\PrintHood () Startup: C:\Users\Default\Recent () Startup: C:\Users\Default\Saved Games () Startup: C:\Users\Default\SendTo () Startup: C:\Users\Default\Start Menu () Startup: C:\Users\Default\Startmenü () Startup: C:\Users\Default\Templates () Startup: C:\Users\Default\Videos () Startup: C:\Users\Default\Vorlagen () Startup: C:\Users\Gastkonto\AppData () Startup: C:\Users\Gastkonto\ntuser.dat () Startup: C:\Users\Gastkonto\ntuser.dat.LOG1 () Startup: C:\Users\Gastkonto\ntuser.dat.LOG2 () Startup: C:\Users\Gastkonto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () Startup: 
C:\Users\Gastkonto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\Gastkonto\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\Public\AppData () Startup: C:\Users\Public\Desktop () Startup: C:\Users\Public\Documents () Startup: C:\Users\Public\Downloads () Startup: C:\Users\Public\Favorites () Startup: C:\Users\Public\Libraries () Startup: C:\Users\Public\Music () Startup: C:\Users\Public\Pictures () Startup: C:\Users\Public\Recorded TV () Startup: C:\Users\Public\Videos () Startup: C:\Users\UpdatusUser\Anwendungsdaten () Startup: C:\Users\UpdatusUser\AppData () Startup: C:\Users\UpdatusUser\Contacts () Startup: C:\Users\UpdatusUser\Cookies () Startup: C:\Users\UpdatusUser\Desktop () Startup: C:\Users\UpdatusUser\Documents () Startup: C:\Users\UpdatusUser\Downloads () Startup: C:\Users\UpdatusUser\Druckumgebung () Startup: C:\Users\UpdatusUser\Eigene Dateien () Startup: C:\Users\UpdatusUser\Favorites () Startup: C:\Users\UpdatusUser\Links () Startup: C:\Users\UpdatusUser\Lokale Einstellungen () Startup: C:\Users\UpdatusUser\Music () Startup: C:\Users\UpdatusUser\Netzwerkumgebung () Startup: C:\Users\UpdatusUser\NTUSER.DAT () Startup: C:\Users\UpdatusUser\ntuser.dat.LOG1 () Startup: C:\Users\UpdatusUser\ntuser.dat.LOG2 () Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () Startup: C:\Users\UpdatusUser\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () Startup: C:\Users\UpdatusUser\ntuser.ini () Startup: C:\Users\UpdatusUser\Pictures () Startup: C:\Users\UpdatusUser\Recent () Startup: C:\Users\UpdatusUser\Saved Games () Startup: C:\Users\UpdatusUser\Searches () Startup: C:\Users\UpdatusUser\SendTo () Startup: 
C:\Users\UpdatusUser\Startmenü () Startup: C:\Users\UpdatusUser\Videos () Startup: C:\Users\UpdatusUser\Vorlagen () SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) BootExecute: PDBoot.exeautocheck autochk * ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {1940599C-32B7-46B3-863C-8A626C042730} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {1940599C-32B7-46B3-863C-8A626C042730} URL = BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation) BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll (soft Xpansion) Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 2012\SPMIEToolbar.dll (Steganos Software GmbH) Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - 
- 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-10-23 11:30 - 2013-11-03 13:07 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-10-23 11:30 - 2013-11-03 11:42 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2013-10-23 11:30 - 2013-11-03 11:42 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2013-10-23 11:30 - 2013-08-27 07:53 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-10-23 11:30 - 2013-08-27 07:53 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-23 11:30 - 2010-05-30 07:29 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-23 11:30 - 2010-05-30 07:29 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-10-23 11:30 - 2010-05-30 07:29 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-10-23 09:20 - 2009-09-27 17:22 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-10-23 09:20 - 2009-09-27 17:22 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-10-23 09:20 - 2009-09-27 17:22 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-10-23 09:20 - 2009-09-27 17:22 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-10-23 09:20 - 2009-09-27 17:22 - 
00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-10-23 09:20 - 2009-09-27 17:22 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-10-22 15:37 - 2013-08-19 15:21 - 00036664 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll 2013-10-22 15:37 - 2013-08-19 15:21 - 00030008 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll 2013-10-22 15:37 - 2013-08-14 18:41 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2013-10-22 15:37 - 2013-08-14 18:41 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2013-10-22 15:37 - 2013-08-14 18:41 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2013-10-14 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-10-14 06:38 - 2009-07-14 05:45 - 05127944 _____ C:\Windows\system32\FNTCACHE.DAT Files to move or delete: ==================== C:\Users\Daniel\setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-10 12:15 ==================== End Of Log ============================ --- --- --- |
14.11.2013, 09:17 | #27 |
/// the machine /// TB Trainer | Windows 7: Trojan - ClickCompare This is purely a Chrome problem. There is nothing I can do; the logs are clean. If reinstalling and resetting doesn't help, my hands are tied as well.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
14.11.2013, 15:40 | #28 |
| Windows 7: Trojan - ClickCompare Okay, then I'll uninstall everything once more, and if nothing helps I'll switch to Firefox. |
15.11.2013, 10:57 | #29 |
/// the machine /// TB Trainer | Windows 7: Trojan - ClickCompare OK, let's clean up: Done The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
16.11.2013, 12:24 | #30 |
| Windows 7: Trojan - ClickCompare Thanks a lot already for your help. I have carried out the uninstallation steps. But under C and D there are still two folders named "Recycler". They cannot be deleted. Two error messages appear: 1. The folder contains items that are too long for the Recycle Bin; delete permanently? If I click Yes, this appears: 2. The system cannot find the path specified. Folder_842925246 |