Mail delivery failed: returning message to sender

hehejo · 04.11.2013, 20:04

Hallo,

seit Wochen bzw. sind es schon Monate bekomme ich E-Mails zurück gesandt, die ich angeblich verschickt habe.

Hier ein kleiner Auszug:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

sus01@gmx.de
SMTP error from remote mail server after RCPT TO:<sus01@gmx.de>:
host mx01.gmx.net [213.165.67.97]: 550 Requested action not taken:
mailbox unavailable

------ This is a copy of the message, including all the headers. ------
------ The body of the message is 107774 characters long; only the first
------ 16384 or so are included here.

Return-path: <meine Mail>
Received: from fwd01.aul.t-online.de (fwd01.aul.t-online.de )
by mailout09.t-online.de with smtp
id 1VdOFW-000705-2E; Mon, 04 Nov 2013 18:47:38 +0100
Received: from Olaf-PC (JJBbOEZFoh9wnlH0h8Y37gGS+-j43g8brZrHc+6Xt2k-w57uTmqfybQEwjWXCexwLk@[88.74.24.49]) by fwd01.t-online.de
with esmtp id 1VdOFR-1XncOm0; Mon, 4 Nov 2013 18:47:33 +0100
From: "=?utf-8?q?Beauftragte Anwaltskanalei Leo Kr=C3=BCger?=" <meine Mail>
To: "Roland Jankowski" <sus01@gmx.de>
Subject: Stornierung Ihrer Zahlung 04.11.2013
Date: Mon, 4 Nov 2013 17:47:32 GMT
MIME-Version: 1.0
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-Priority: 3
Content-Type: multipart/mixed; boundary="=-XC777C2931"
Message-ID: <1VdOFR-1XncOm0@fwd01.t-online.de>
X-ID: JJBbOEZFoh9wnlH0h8Y37gGS+-j43g8brZrHc+6Xt2k-w57uTmqfybQEwjWXCexwLk
X-TOI-MSGID: efad230b-84d7-4094-a6b2-b98b5fcdb456

--=-XC777C2931
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Sehr geehrter Kunde Roland Jankowski,

Die Rechnung f=C3=BCr Ihre Bestellung konnte nicht von Ihrem Bankkonto abge=
bucht werden. Es wurden =C3=9Cberweisungen bis zum 04.11.2013 einbezogen.=20=

Produkt/Leistung: 10890981817
Ausstehender Betrag: 453,00 EURO

Der automatische Abzug von Ihrem Bankkonto f=C3=BCr die Bestellung vom 16.0=
9.2013 konnte nicht durchgef=C3=BChrt werden.

Weitere Einzelheiten der PayPal Rechnung und die Kontonummer zur =C3=9Cberw=
eisung finden Sie in der beigelegten Datei.=20

Die Gesamtsumme der Bestellung inklusive der Versandkosten entspricht 453,0=
0 EURO. Unser Anwaltsb=C3=BCro wurde berechtigt die f=C3=A4llige Gesamtsumm=
e f=C3=BCr Ihre Bestellung einzufordern. Zuz=C3=BCglich wird Ihnen eine Mah=
ngeb=C3=BChr von 24,00 Euro berechnet und die Kosten unserer T=C3=A4tigkeit=
von 49,23 Euro.=20
Falls Sie die Zahlung weigern sehen wir und gezwungen ein Gerichtsverfahren=
gegen Sie anzustreben. Sie haben bis zum 11.11.2013 die letzte M=C3=B6glic=
hkeit die Summe zu zahlen.=20

Mit verbindlichen Gr=C3=BC=C3=9Fen=20

Anwalt Leo Kr=C3=BCger

Nach ca. 2 Monaten mit diesen Problem, versuche ich hier Hilfe zu finden. Ich habe mein Passwort schon 1000x geändert und habe auch schon mit ESET und Malwarebytes Anti-Malware alles gecheckt. Aber das Problem besteht weiterhin.

Ich würde mich sehr über Hilfe freuen.

Danke.

Darüber hinaus hatte ich auch noch folgende Mails:

Betreff: mzbj
Absender: <pcr@lzisri.ffqr>

Inhalt der Nachricht:
pagu fzcc

Also eigentlich nur sinnlose Wörter. Ich dachte mir darauf nichts schlimmes, als schon die nächste Mail kam nun aber mit mehr Inhalt !

ulgr
Date: Tue, 22 Oct 2013 17:53:13 +0600
Content-Transfer-Encoding: quoted-printable
kcxx
Content-Type: text/html;;
charset="UTF-8"
wmgc
X-Antivirus: avast! (VPS 131021-1, 22.10.2013), Outbound message
X-Antivirus-Status: Clean

zig
<br /><br />
<hr style=3D'border:none; color:#909090; background-color:#B0B0B0; height: =
1px; width: 99%;' />
<table style=3D'border-collapse:collapse;border:none;'>
<tr>
<td style=3D'border:none;padding:0px 15px 0px 8px'>
<a href=3D"hxxp://www.avast.com/">
<img border=3D0 src=3D"hxxp://static.avast.com/emails/avast-mail-stamp.=
png" />
</a>
</td>
<td>
<p style=3D'color:#3d4d5a; font-family:"Calibri","Verdana","Arial","Helv=
etica"; font-size:12pt;'>
=D0=AD=D1=82=D0=BE =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=
=B5 =D1=81=D0=B2=D0=BE=D0=B1=D0=BE=D0=B4=D0=BD=D0=BE =D0=BE=D1=82 =D0=B2=D0=
=B8=D1=80=D1=83=D1=81=D0=BE=D0=B2 =D0=B8 =D0=B2=D1=80=D0=B5=D0=B4=D0=BE=D0=
=BD=D0=BE=D1=81=D0=BD=D0=BE=D0=B3=D0=BE =D0=9F=D0=9E =D0=B1=D0=BB=D0=B0=D0=
=B3=D0=BE=D0=B4=D0=B0=D1=80=D1=8F <a href=3D"hxxp://www.avast.com/">avast! =
Antivirus</a> =D0=B7=D0=B0=D1=89=D0=B8=D1=82=D0=B0 =D0=B0=D0=BA=D1=82=D0=B8=
=D0=B2=D0=BD=D0=B0.
</p>
</td>
</tr>
</table>
<br />

Das kommische ist, dass ich diese Mails auf meinem Handy geöffnet hatte und Sekunden später liest er irgendwas mit AVAST aus und schickt mir die o.g. Nachricht zurück.
Weiß vielleicht jmd. was das zu bedeuten hat?

Jetzt habe ich auch eine Mitteilung von der Telekom erhalten:

Sehr geehrte Kundin,
sehr geehrter Kunde,

wir müssen leider davon ausgehen, dass von Ihrem Internet-Anschluss aus
Spam-E-Mails versendet wurden. Möglicherweise wird Ihr Internet-Zugang
oder Ihr E-Mail-Konto dazu ohne Ihr Wissen von Dritten genutzt.

Den Hinweis auf Ihren Anschluss haben wir von externen
Sicherheitsexperten erhalten, mit denen wir zusammenarbeiten, um unsere
Kunden zu schützen.

Um die missbräuchliche Nutzung Ihres Zugangs zu unterbinden, haben wir
den E-Mail-Verkehr (SMTP) eingeschränkt. Die Sperre bedeutet für Sie,
dass der Versand von E-Mails über Mailprogramme wie Microsoft Outlook
oder Mozilla Thunderbird nicht mehr möglich ist. Das Versenden über
E-Mail Portale wie beispielsweise unser E-Mail Center
(https://email.t-online.de) sind hiervon nicht betroffen.

Daher unsere dringende Bitte: Prüfen Sie unbedingt Ihren Computer. Um
Ihnen dabei zu helfen, haben wir für Sie die wichtigsten Informationen
zusammengestellt.

aharonov · 04.11.2013, 21:14

Hi,

schauen wir mal, ob mit FRST was zu sehen ist:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

hehejo · 04.11.2013, 21:52

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Horst (administrator) on HORST-PC on 04-11-2013 21:45:23
Running from C:\Users\Horst\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\NetMeter\NetMeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
(Mozilla Corporation) D:\WWW\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\WWW\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() D:\Spiele\League of Legends\RADS\system\rads_user_kernel.exe
() D:\Spiele\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\LoLLauncher.exe
() D:\Spiele\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.55\deploy\LolClient.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cm108Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [cFosSpeed] - C:\Program Files\cFosSpeed\cfosspeed.exe [1587040 2013-04-19] (cFos Software GmbH)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] - C:\Program Files (x86)\NetMeter\NetMeter.exe [293888 2009-08-09] ()
HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [251392 2010-05-05] ()
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
BootExecute: PDBoot.exeautocheck autochk * 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0F8CF3F7E588CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {DC181652-775B-4F66-BEE5-D2B9DB372B6E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {DC181652-775B-4F66-BEE5-D2B9DB372B6E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=578
SearchScopes: HKCU - {DC181652-775B-4F66-BEE5-D2B9DB372B6E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Büro\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Büro\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default
FF NewTab: about:blank
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - D:\WWW\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Horst\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Horst\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Horst\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\searchplugins\search_engine.xml
FF Extension: Grooveshark Proxy - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\groovesharkProxy@DannieDarko
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\ich@maltegoetz.de
FF Extension: LavaFox V2 - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\info@djzig.com
FF Extension: exfm - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-IsXX48jx4obwoZPnzG6RQB0pK9A@jetpack
FF Extension: WOT - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Bitdefender QuickScan - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: clickMvd - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\clickMvd@clickMvd.com.xpi
FF Extension: groovesharkUnlocker - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\groovesharkUnlocker@overlord1337.xpi
FF Extension: jid0-UVAeBCfd34Kk5usS8A1CBiobvM8 - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi
FF Extension: maxtabs - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\maxtabs@cheeaun.xpi
FF Extension: nasanightlaunch - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: togglepersona - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\togglepersona@davidvincent.tld.xpi
FF Extension: vk - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\vk@sergeykolosov.mp.xpi
FF Extension: stylish - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: No Name - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{599B9024-EBA6-4258-95C5-9133F8D73856}.xpi
FF Extension: No Name - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
FF Extension: showcase - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi
FF Extension: prefs - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
FF Extension: No Name - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi
FF Extension: astob - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{9e96e0c4-9bde-49b7-989f-a4ca4bdc90bb}.xpi
FF Extension: No Name - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
FF Extension: Adblock Plus - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: greasemonkey - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: prefs - C:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\5e1sner9.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF StartMenuInternet: FIREFOX.EXE - D:\WWW\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (SuchMaschine) - hxxp://www.sm.de/?q={searchTerms}
CHR DefaultSuggestURL: (SuchMaschine) -       "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Horst\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Horst\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Horst\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - D:\WWW\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - D:\WWW\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - D:\WWW\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Extension: (YouTube) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Freemake Video Downloader) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Google Search) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hpomcmndppalndoljdilmfkkjkcnongl] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2013-04-17] (SUPERAntiSpyware.com)
S4 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208 2011-06-30] (Emsi Software GmbH)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [480096 2013-04-19] (cFos Software GmbH)
S4 EslWireHelper; D:\Tools\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Microsoft Office Groove Audit Service; D:\Büro\Microsoft Office\Office12\GrooveAuditService.exe [65888 2008-10-25] (Microsoft Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-20] ()
S4 Tweak7SystemService; C:\Windows\system32\Tweak7SystemService.exe [71392 2011-09-13] (Totalidea Software)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [85800 2011-02-20] (Emsi Software GmbH)
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
R2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20456 2010-03-10] (Windows (R) Win 7 DDK provider)
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-08] (DT Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-08-08] (Turtle Entertainment GmbH)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [156176 2013-09-24] (<Turtle Entertainment>)
S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [7808 2011-01-18] (SweetLow)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 salmosa; C:\Windows\System32\drivers\salmosa.sys [11904 2008-03-20] (Razer (Asia-Pacific) Pte Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology)
S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [145360 2010-02-12] (Sun Microsystems, Inc.)
R0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-03-13] (Acronis)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ATICDSDr; \??\C:\Users\Horst\AppData\Local\Temp\ATICDSDr.sys [x]
S3 BioNTDrv; \??\E:\Sicherheit&Backup\Paragon\program\BioNTDrv.SYS [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; \??\C:\Users\Horst\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 MSICDSetup; \??\F:\CDriver64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 USBMULCD; system32\drivers\CM10664.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 X6va005; \??\C:\Users\Horst\AppData\Local\Temp\0053929.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-04 21:45 - 2013-11-04 21:45 - 00000000 ____D C:\FRST
2013-11-04 21:41 - 2013-11-04 21:41 - 01957098 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2013-11-04 17:53 - 2013-11-04 17:53 - 01073258 _____ C:\Users\Horst\Downloads\AdwCleaner.exe
2013-11-04 17:50 - 2013-11-04 17:50 - 00029987 _____ C:\ComboFix.txt
2013-11-04 17:39 - 2013-11-04 17:50 - 00000000 ____D C:\ComboFix
2013-11-04 17:39 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-04 17:39 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-04 17:39 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-04 17:36 - 2013-11-04 17:50 - 00000000 ____D C:\Qoobox
2013-11-04 17:36 - 2013-11-04 17:49 - 00000000 ____D C:\Windows\erdnt
2013-11-04 17:34 - 2013-11-04 17:34 - 00010681 _____ C:\Users\Horst\Desktop\JRT.txt
2013-11-04 17:29 - 2013-11-04 17:29 - 05143677 ____R (Swearware) C:\Users\Horst\Downloads\ComboFix.exe
2013-11-04 17:28 - 2013-11-04 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-11-04 17:27 - 2013-11-04 17:27 - 01033335 _____ (Thisisu) C:\Users\Horst\Downloads\JRT.exe
2013-10-28 22:34 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-28 22:34 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-28 22:34 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-28 22:33 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-28 22:33 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 22:31 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 22:31 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 17:57 - 2013-10-28 17:57 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (6)
2013-10-28 12:31 - 2013-10-28 12:31 - 00000000 ____D C:\ProgramData\Overwolf
2013-10-27 04:28 - 2013-10-27 04:28 - 00001167 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-27 04:15 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-27 04:15 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-25 14:46 - 2013-10-25 14:46 - 00000000 ____D C:\Users\Horst\AppData\Local\EMU
2013-10-25 01:13 - 2013-10-25 01:13 - 00000000 ____D C:\ProgramData\Steam
2013-10-24 19:39 - 2013-10-24 19:57 - 832887269 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar.part
2013-10-24 19:39 - 2013-10-24 19:39 - 00000000 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar
2013-10-24 17:09 - 2013-10-24 17:09 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\UpdatusUser.Horst-PC\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\Horst\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-10-23 11:26 - 2013-10-23 11:26 - 04569784 _____ C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor.zip
2013-10-23 11:07 - 2013-10-23 11:07 - 00000729 _____ C:\Users\Horst\Downloads\Letzter Countdown.ydk
2013-10-23 11:07 - 2013-10-23 11:06 - 00000701 _____ C:\Users\Horst\Downloads\Drachen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000685 _____ C:\Users\Horst\Downloads\05.Die Heiligen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000486 _____ C:\Users\Horst\Downloads\SD Yugi.ydk
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-23 00:34 - 2013-10-23 00:34 - 00000583 _____ C:\Users\Horst\Downloads\Geku LS.ydk
2013-10-23 00:34 - 2013-10-23 00:34 - 00000579 _____ C:\Users\Horst\Downloads\best laval.ydk
2013-10-23 00:33 - 2013-10-23 00:33 - 00000732 _____ C:\Users\Horst\Downloads\2.My-aim-boxin.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000656 _____ C:\Users\Horst\Downloads\Chaos Plant.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000579 _____ C:\Users\Horst\Downloads\Chaossworn.ydk
2013-10-22 16:28 - 2013-10-22 16:27 - 00000739 _____ C:\Users\Horst\Downloads\002 Fabelds.ydk
2013-10-22 16:27 - 2013-10-22 16:27 - 00000732 _____ C:\Users\Horst\Downloads\3.Flame.Star.3-Axis.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000738 _____ C:\Users\Horst\Downloads\1.edragons.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000735 _____ C:\Users\Horst\Downloads\006 Prophecy.ydk
2013-10-22 16:10 - 2013-10-22 16:10 - 00000583 _____ C:\Users\Horst\Downloads\Fire King Fleur.ydk
2013-10-22 14:35 - 2013-10-22 14:35 - 247763201 _____ (YGOPro DevPro Online                                        ) C:\Users\Horst\Downloads\SetupDevPro1.9.7r2new.exe
2013-10-20 17:47 - 2013-10-20 17:47 - 00000936 _____ C:\Users\Public\Desktop\Deponia.lnk
2013-10-20 17:47 - 2013-10-20 17:47 - 00000000 ____D C:\Users\Horst\AppData\Local\Daedalic Entertainment
2013-10-20 12:09 - 2013-10-20 12:09 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 12:09 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-20 12:09 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-20 12:09 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-20 12:09 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-20 12:08 - 2013-10-20 12:09 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 11:50 - 2013-10-27 19:54 - 01710409 _____ C:\Users\Horst\Desktop\Original_Wettmanager_2.02.xlsx
2013-10-17 11:47 - 2013-10-17 11:47 - 00051712 _____ C:\Users\Horst\Downloads\Kopie von Gesamtübersicht.xls
2013-10-17 11:41 - 2013-10-17 11:41 - 00127488 _____ C:\Users\Horst\Downloads\BetmanagerAD_version_3.xls
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Program Files\Realtek
2013-10-16 10:15 - 2013-03-29 20:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-10-16 10:15 - 2013-03-29 17:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-10-16 10:15 - 2013-03-29 16:52 - 00914992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-10-16 10:15 - 2013-03-29 16:10 - 00449481 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-10-16 10:15 - 2013-03-27 15:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-10-16 10:15 - 2013-03-26 16:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-10-16 10:15 - 2013-03-26 16:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-10-16 10:15 - 2013-03-26 14:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-10-16 10:15 - 2013-03-26 13:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-10-16 10:15 - 2013-03-25 16:32 - 03180264 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-10-16 10:15 - 2013-03-23 02:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-10-16 10:15 - 2013-03-20 12:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-10-16 10:15 - 2013-03-15 18:34 - 04957976 _____ (A-volute) C:\Windows\system32\RTKSMlfx.dll
2013-10-16 10:15 - 2013-03-15 18:33 - 00887640 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-10-16 10:15 - 2013-03-12 17:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-10-16 10:15 - 2013-03-08 11:51 - 00904752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-10-16 10:15 - 2013-02-28 12:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-10-16 10:15 - 2013-02-28 12:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-10-16 10:15 - 2013-02-21 16:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-10-16 10:15 - 2013-02-21 16:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-10-16 10:15 - 2013-02-21 16:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-10-16 10:15 - 2013-02-20 17:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-10-16 10:15 - 2013-02-19 17:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-10-16 10:15 - 2013-01-17 18:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-10-16 10:15 - 2012-12-12 10:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-10-16 10:15 - 2012-09-10 19:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-10-16 10:15 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-10-16 10:15 - 2012-07-15 20:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-10-16 10:15 - 2012-06-20 16:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-10-16 10:15 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-10-16 10:15 - 2012-01-30 10:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-10-16 10:15 - 2012-01-10 09:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-10-16 10:15 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-10-16 10:15 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-10-16 10:15 - 2011-08-23 16:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-10-16 10:15 - 2011-03-17 11:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-10-16 10:15 - 2011-03-07 16:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-10-16 10:15 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-10-16 10:15 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-10-16 10:15 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-10-16 10:12 - 2013-10-16 10:12 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-16 10:11 - 2013-10-16 10:11 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\Horst\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-10-14 20:53 - 2013-10-14 20:53 - 00000000 ____D C:\Users\Horst\Downloads\ipstorage
2013-10-14 20:43 - 2013-10-14 20:44 - 00000000 ____D C:\Users\Horst\Downloads\cache
2013-10-14 20:43 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\languages
2013-10-14 20:38 - 2013-10-14 20:38 - 00002665 _____ C:\Users\Public\Desktop\TJPing.lnk
2013-10-14 20:38 - 2013-10-14 20:38 - 00000000 ____D C:\Program Files (x86)\Top Jimmy Software
2013-10-14 20:31 - 2013-10-16 19:28 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (5)
2013-10-13 13:30 - 2013-10-13 13:30 - 00000209 _____ C:\Users\Horst\Desktop\Tower Wars.url
2013-10-12 17:51 - 2013-10-12 17:51 - 00096872 _____ (Spotify Ltd) C:\Users\Horst\Downloads\SpotifySetup.exe
2013-10-12 15:56 - 2013-10-12 15:56 - 00000000 ____D C:\Users\Horst\AppData\Local\My Games
2013-10-12 15:55 - 2013-10-27 04:29 - 00109878 _____ C:\Windows\DirectX.log
2013-10-12 15:46 - 2013-10-12 15:46 - 00000207 _____ C:\Users\Horst\Desktop\Sid Meier's Civilization V.url
2013-10-11 06:21 - 2013-10-11 06:21 - 00000687 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-09 06:07 - 2013-10-09 06:07 - 00000209 _____ C:\Users\Horst\Desktop\Haunted Memories.url
2013-10-08 17:44 - 2013-10-08 17:44 - 00000000 ____D C:\Users\Horst\Downloads\de_cache_csgo
2013-10-08 00:18 - 2013-10-08 00:18 - 13452423 _____ C:\Users\Horst\Downloads\de_cache_csgo.zip
2013-10-07 23:43 - 2013-10-07 23:43 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Bioshock2Steam
2013-10-06 12:05 - 2013-10-06 12:09 - 00000000 ____D C:\Users\Horst\Documents\Battlefield 4
2013-10-05 23:06 - 2013-11-04 17:47 - 00022498 _____ C:\Windows\PFRO.log
2013-10-05 22:57 - 2013-10-05 22:57 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-10-05 22:57 - 2013-10-05 22:57 - 00000000 ____D C:\Users\Horst\AppData\Local\NVIDIA
2013-10-05 22:54 - 2013-10-26 10:45 - 00000000 ____D C:\Users\UpdatusUser.Horst-PC
2013-10-05 22:54 - 2013-10-05 22:54 - 00000020 ___SH C:\Users\UpdatusUser.Horst-PC\ntuser.ini
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Vorlagen
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Startmenü
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Netzwerkumgebung
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Lokale Einstellungen
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Eigene Dateien
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Druckumgebung
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Documents\Eigene Musik
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Documents\Eigene Bilder
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Local\Verlauf
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Local\Anwendungsdaten
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Anwendungsdaten
2013-10-05 22:54 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser.Horst-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-05 22:54 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser.Horst-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-05 22:52 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-05 22:51 - 2013-11-04 17:59 - 00011594 _____ C:\Windows\setupact.log
2013-10-05 22:51 - 2013-10-05 22:51 - 00000000 _____ C:\Windows\setuperr.log
2013-10-05 22:49 - 2013-10-05 22:50 - 242200864 _____ (NVIDIA Corporation) C:\Users\Horst\Downloads\327.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-05 22:42 - 2013-10-05 22:42 - 00000044 _____ C:\Users\Horst\Downloads\pbuser.htm
2013-10-05 22:40 - 2013-10-05 22:44 - 00012280 _____ C:\Users\Horst\Downloads\pbgame.htm
2013-10-05 22:40 - 2013-10-05 22:40 - 00003122 _____ C:\Windows\System32\Tasks\{15AAF308-1355-453B-9F0D-83A20FDF99F6}
2013-10-05 22:39 - 2013-10-05 22:40 - 00823808 _____ C:\Users\Horst\Downloads\pbsetup.exe
2013-10-05 22:16 - 2013-10-20 17:32 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-05 22:16 - 2013-10-20 17:32 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-05 22:15 - 2013-11-01 20:26 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-05 10:23 - 2013-10-05 10:23 - 122946048 _____ C:\Users\Horst\Downloads\avira14_free_antivirus_de.exe
2013-10-05 04:40 - 2013-10-05 04:40 - 00000000 ____D C:\Users\Horst\Downloads\fast_video_download-4.2.5-fx
2013-10-05 04:18 - 2013-10-05 04:18 - 00002919 _____ C:\Users\Horst\Desktop\FLV-Media-Player.lnk
2013-10-05 04:18 - 2013-10-05 04:18 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV-Media-Player
2013-10-05 04:18 - 2013-10-05 04:18 - 00000000 ____D C:\Program Files (x86)\FLV-Media-Player
2013-10-05 04:13 - 2013-10-05 04:13 - 00000000 ____D C:\Windows\SysWOW64\C2MP


==================== One Month Modified Files and Folders =======

2013-11-04 21:45 - 2013-11-04 21:45 - 00000000 ____D C:\FRST
2013-11-04 21:41 - 2013-11-04 21:41 - 01957098 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2013-11-04 21:12 - 2012-12-03 19:41 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA.job
2013-11-04 20:50 - 2012-09-17 19:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-04 20:36 - 2010-01-13 18:39 - 00000000 ____D C:\Users\Horst\AppData\Roaming\TS3Client
2013-11-04 18:12 - 2012-12-03 19:41 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core.job
2013-11-04 18:05 - 2009-07-14 18:58 - 00711272 _____ C:\Windows\system32\perfh007.dat
2013-11-04 18:05 - 2009-07-14 18:58 - 00154258 _____ C:\Windows\system32\perfc007.dat
2013-11-04 18:05 - 2009-07-14 06:13 - 01652510 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-04 18:04 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:04 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:02 - 2013-08-17 17:23 - 00483807 _____ C:\Windows\WindowsUpdate.log
2013-11-04 17:59 - 2013-10-05 22:51 - 00011594 _____ C:\Windows\setupact.log
2013-11-04 17:59 - 2012-04-10 23:04 - 00000000 ____D C:\Users\Horst\AppData\Local\Overwolf
2013-11-04 17:59 - 2011-10-01 11:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-04 17:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-04 17:56 - 2013-08-25 02:34 - 00000000 ____D C:\AdwCleaner
2013-11-04 17:53 - 2013-11-04 17:53 - 01073258 _____ C:\Users\Horst\Downloads\AdwCleaner.exe
2013-11-04 17:50 - 2013-11-04 17:50 - 00029987 _____ C:\ComboFix.txt
2013-11-04 17:50 - 2013-11-04 17:39 - 00000000 ____D C:\ComboFix
2013-11-04 17:50 - 2013-11-04 17:36 - 00000000 ____D C:\Qoobox
2013-11-04 17:49 - 2013-11-04 17:36 - 00000000 ____D C:\Windows\erdnt
2013-11-04 17:47 - 2013-10-05 23:06 - 00022498 _____ C:\Windows\PFRO.log
2013-11-04 17:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-04 17:46 - 2012-03-13 20:32 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-04 17:46 - 2012-02-05 17:19 - 00036864 _____ C:\Windows\system32\config\SAM.bak
2013-11-04 17:46 - 2011-10-29 19:37 - 69730304 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-04 17:46 - 2011-09-28 15:22 - 27787264 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-04 17:46 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-04 17:34 - 2013-11-04 17:34 - 00010681 _____ C:\Users\Horst\Desktop\JRT.txt
2013-11-04 17:29 - 2013-11-04 17:29 - 05143677 ____R (Swearware) C:\Users\Horst\Downloads\ComboFix.exe
2013-11-04 17:28 - 2013-11-04 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-11-04 17:27 - 2013-11-04 17:27 - 01033335 _____ (Thisisu) C:\Users\Horst\Downloads\JRT.exe
2013-11-04 13:54 - 2012-06-04 20:21 - 00000000 ____D C:\Users\Horst\AppData\Roaming\vlc
2013-11-04 09:07 - 2011-09-08 20:28 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-04 07:49 - 2012-03-09 17:31 - 00000000 ____D C:\Users\Horst\Desktop\fun
2013-11-03 12:01 - 2010-02-09 20:13 - 00000000 ____D C:\Users\Horst\AppData\Roaming\mIRC
2013-11-01 20:26 - 2013-10-05 22:15 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-28 22:42 - 2013-09-10 13:42 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-10-28 22:37 - 2012-02-22 18:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 22:33 - 2012-02-22 18:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 22:33 - 2011-10-01 10:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-28 17:57 - 2013-10-28 17:57 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (6)
2013-10-28 16:47 - 2013-06-13 18:53 - 00000000 ____D C:\Users\Horst\Desktop\Bewerbungen Hannover
2013-10-28 12:31 - 2013-10-28 12:31 - 00000000 ____D C:\ProgramData\Overwolf
2013-10-27 19:54 - 2013-10-17 11:50 - 01710409 _____ C:\Users\Horst\Desktop\Original_Wettmanager_2.02.xlsx
2013-10-27 04:29 - 2013-10-12 15:55 - 00109878 _____ C:\Windows\DirectX.log
2013-10-27 04:28 - 2013-10-27 04:28 - 00001167 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-26 10:45 - 2013-10-05 22:54 - 00000000 ____D C:\Users\UpdatusUser.Horst-PC
2013-10-25 14:46 - 2013-10-25 14:46 - 00000000 ____D C:\Users\Horst\AppData\Local\EMU
2013-10-25 01:13 - 2013-10-25 01:13 - 00000000 ____D C:\ProgramData\Steam
2013-10-25 01:13 - 2011-11-27 05:28 - 00000000 ____D C:\Users\Horst\Documents\WB Games
2013-10-24 19:57 - 2013-10-24 19:39 - 832887269 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar.part
2013-10-24 19:39 - 2013-10-24 19:39 - 00000000 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar
2013-10-24 17:09 - 2013-10-24 17:09 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
2013-10-23 11:30 - 2013-10-28 22:34 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 22:34 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2011-10-25 16:23 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 11:30 - 2011-02-13 10:52 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Sun
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\UpdatusUser.Horst-PC\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\Horst\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-10-23 11:26 - 2013-10-23 11:26 - 04569784 _____ C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor.zip
2013-10-23 11:07 - 2013-10-23 11:07 - 00000729 _____ C:\Users\Horst\Downloads\Letzter Countdown.ydk
2013-10-23 11:06 - 2013-10-23 11:07 - 00000701 _____ C:\Users\Horst\Downloads\Drachen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000685 _____ C:\Users\Horst\Downloads\05.Die Heiligen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000486 _____ C:\Users\Horst\Downloads\SD Yugi.ydk
2013-10-23 09:20 - 2012-02-22 18:16 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2012-02-22 18:16 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-02-22 18:14 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-23 00:34 - 2013-10-23 00:34 - 00000583 _____ C:\Users\Horst\Downloads\Geku LS.ydk
2013-10-23 00:34 - 2013-10-23 00:34 - 00000579 _____ C:\Users\Horst\Downloads\best laval.ydk
2013-10-23 00:33 - 2013-10-23 00:33 - 00000732 _____ C:\Users\Horst\Downloads\2.My-aim-boxin.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000656 _____ C:\Users\Horst\Downloads\Chaos Plant.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000579 _____ C:\Users\Horst\Downloads\Chaossworn.ydk
2013-10-22 17:43 - 2013-09-25 23:22 - 00000000 ____D C:\Users\Horst\AppData\Roaming\QuickScan
2013-10-22 16:27 - 2013-10-22 16:28 - 00000739 _____ C:\Users\Horst\Downloads\002 Fabelds.ydk
2013-10-22 16:27 - 2013-10-22 16:27 - 00000732 _____ C:\Users\Horst\Downloads\3.Flame.Star.3-Axis.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000738 _____ C:\Users\Horst\Downloads\1.edragons.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000735 _____ C:\Users\Horst\Downloads\006 Prophecy.ydk
2013-10-22 16:10 - 2013-10-22 16:10 - 00000583 _____ C:\Users\Horst\Downloads\Fire King Fleur.ydk
2013-10-22 14:35 - 2013-10-22 14:35 - 247763201 _____ (YGOPro DevPro Online                                        ) C:\Users\Horst\Downloads\SetupDevPro1.9.7r2new.exe
2013-10-20 17:47 - 2013-10-20 17:47 - 00000936 _____ C:\Users\Public\Desktop\Deponia.lnk
2013-10-20 17:47 - 2013-10-20 17:47 - 00000000 ____D C:\Users\Horst\AppData\Local\Daedalic Entertainment
2013-10-20 17:44 - 2009-12-30 13:25 - 00000000 ____D C:\Users\Horst\AppData\Roaming\DAEMON Tools Lite
2013-10-20 17:32 - 2013-10-05 22:16 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-20 17:32 - 2013-10-05 22:16 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-20 17:32 - 2011-10-01 11:26 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-20 12:09 - 2013-10-20 12:09 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 12:09 - 2013-10-20 12:08 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-20 12:09 - 2009-12-30 15:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 11:44 - 2013-04-14 23:21 - 00000000 ____D C:\Program Files (x86)\OBS
2013-10-19 12:16 - 2012-04-07 23:48 - 00002370 _____ C:\Users\Horst\Desktop\Google Chrome.lnk
2013-10-18 02:36 - 2013-10-28 22:33 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 22:33 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 11:47 - 2013-10-17 11:47 - 00051712 _____ C:\Users\Horst\Downloads\Kopie von Gesamtübersicht.xls
2013-10-17 11:46 - 2012-11-04 21:51 - 00239616 _____ C:\Users\Horst\Downloads\Monatsvorlage.xls
2013-10-17 11:41 - 2013-10-17 11:41 - 00127488 _____ C:\Users\Horst\Downloads\BetmanagerAD_version_3.xls
2013-10-16 19:28 - 2013-10-14 20:31 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (5)
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Program Files\Realtek
2013-10-16 10:15 - 2009-12-30 01:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-16 10:12 - 2013-10-16 10:12 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-16 10:11 - 2013-10-16 10:11 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\Horst\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-10-16 01:48 - 2013-10-27 04:15 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-27 04:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-15 11:17 - 2013-05-16 20:11 - 00000000 ____D C:\Users\Horst\Desktop\Schule dies das
2013-10-14 20:53 - 2013-10-14 20:53 - 00000000 ____D C:\Users\Horst\Downloads\ipstorage
2013-10-14 20:44 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\cache
2013-10-14 20:43 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\languages
2013-10-14 20:38 - 2013-10-14 20:38 - 00002665 _____ C:\Users\Public\Desktop\TJPing.lnk
2013-10-14 20:38 - 2013-10-14 20:38 - 00000000 ____D C:\Program Files (x86)\Top Jimmy Software
2013-10-13 13:30 - 2013-10-13 13:30 - 00000209 _____ C:\Users\Horst\Desktop\Tower Wars.url
2013-10-13 12:30 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-12 17:51 - 2013-10-12 17:51 - 00096872 _____ (Spotify Ltd) C:\Users\Horst\Downloads\SpotifySetup.exe
2013-10-12 15:56 - 2013-10-12 15:56 - 00000000 ____D C:\Users\Horst\AppData\Local\My Games
2013-10-12 15:55 - 2010-12-29 20:16 - 00000000 ____D C:\Users\Horst\Documents\My Games
2013-10-12 15:46 - 2013-10-12 15:46 - 00000207 _____ C:\Users\Horst\Desktop\Sid Meier's Civilization V.url
2013-10-11 13:30 - 2010-01-04 19:19 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-10-11 06:21 - 2013-10-11 06:21 - 00000687 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-11 03:29 - 2009-12-29 15:49 - 00009956 _____ C:\Users\Horst\Desktop\ESL WAC PROOF HACK. How to.txt
2013-10-10 06:50 - 2012-09-17 19:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 06:50 - 2012-09-17 19:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 06:50 - 2011-09-20 23:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 06:07 - 2013-10-09 06:07 - 00000209 _____ C:\Users\Horst\Desktop\Haunted Memories.url
2013-10-09 05:55 - 2011-09-10 19:58 - 00000000 ____D C:\ProgramData\IObit
2013-10-08 17:44 - 2013-10-08 17:44 - 00000000 ____D C:\Users\Horst\Downloads\de_cache_csgo
2013-10-08 17:07 - 2012-12-03 19:41 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA
2013-10-08 17:07 - 2012-12-03 19:41 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core
2013-10-08 06:50 - 2013-10-20 12:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-20 12:09 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-20 12:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-20 12:09 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 00:18 - 2013-10-08 00:18 - 13452423 _____ C:\Users\Horst\Downloads\de_cache_csgo.zip
2013-10-07 23:43 - 2013-10-07 23:43 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Bioshock2Steam
2013-10-07 13:49 - 2013-09-29 08:33 - 00000000 ____D C:\Users\Horst\AppData\Local\Comodo
2013-10-07 13:49 - 2013-08-19 01:25 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-06 12:09 - 2013-10-06 12:05 - 00000000 ____D C:\Users\Horst\Documents\Battlefield 4
2013-10-06 12:05 - 2011-10-27 19:22 - 00000000 ____D C:\ProgramData\Origin
2013-10-06 12:05 - 2010-06-26 20:30 - 00000000 ____D C:\Users\Horst\AppData\Local\PunkBuster
2013-10-05 23:07 - 2013-09-29 08:33 - 00000000 ____D C:\ProgramData\COMODO
2013-10-05 23:07 - 2013-09-29 08:33 - 00000000 ____D C:\Program Files\COMODO
2013-10-05 23:06 - 2011-09-29 17:03 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-05 23:02 - 2010-08-03 15:51 - 00000000 ____D C:\Windows\pss
2013-10-05 22:57 - 2013-10-05 22:57 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-10-05 22:57 - 2013-10-05 22:57 - 00000000 ____D C:\Users\Horst\AppData\Local\NVIDIA
2013-10-05 22:54 - 2013-10-05 22:54 - 00000020 ___SH C:\Users\UpdatusUser.Horst-PC\ntuser.ini
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Vorlagen
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Startmenü
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Netzwerkumgebung
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Lokale Einstellungen
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Eigene Dateien
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Druckumgebung
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Documents\Eigene Musik
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Documents\Eigene Bilder
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Local\Verlauf
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\AppData\Local\Anwendungsdaten
2013-10-05 22:54 - 2013-10-05 22:54 - 00000000 _SHDL C:\Users\UpdatusUser.Horst-PC\Anwendungsdaten
2013-10-05 22:51 - 2013-10-05 22:51 - 00000000 _____ C:\Windows\setuperr.log
2013-10-05 22:50 - 2013-10-05 22:49 - 242200864 _____ (NVIDIA Corporation) C:\Users\Horst\Downloads\327.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-10-05 22:44 - 2013-10-05 22:40 - 00012280 _____ C:\Users\Horst\Downloads\pbgame.htm
2013-10-05 22:42 - 2013-10-05 22:42 - 00000044 _____ C:\Users\Horst\Downloads\pbuser.htm
2013-10-05 22:40 - 2013-10-05 22:40 - 00003122 _____ C:\Windows\System32\Tasks\{15AAF308-1355-453B-9F0D-83A20FDF99F6}
2013-10-05 22:40 - 2013-10-05 22:39 - 00823808 _____ C:\Users\Horst\Downloads\pbsetup.exe
2013-10-05 22:36 - 2013-10-04 16:12 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Azureus
2013-10-05 10:23 - 2013-10-05 10:23 - 122946048 _____ C:\Users\Horst\Downloads\avira14_free_antivirus_de.exe
2013-10-05 04:40 - 2013-10-05 04:40 - 00000000 ____D C:\Users\Horst\Downloads\fast_video_download-4.2.5-fx
2013-10-05 04:34 - 2009-12-30 01:19 - 00000000 ___RD C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 04:31 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-10-05 04:29 - 2009-12-30 01:19 - 00001305 _____ C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-05 04:18 - 2013-10-05 04:18 - 00002919 _____ C:\Users\Horst\Desktop\FLV-Media-Player.lnk
2013-10-05 04:18 - 2013-10-05 04:18 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV-Media-Player
2013-10-05 04:18 - 2013-10-05 04:18 - 00000000 ____D C:\Program Files (x86)\FLV-Media-Player
2013-10-05 04:15 - 2013-09-27 03:37 - 00000000 ____D C:\multiAVCHD
2013-10-05 04:13 - 2013-10-05 04:13 - 00000000 ____D C:\Windows\SysWOW64\C2MP


Some content of TEMP:
====================
C:\Users\Horst\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2013-06-11 09:34

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Horst at 2013-11-04 21:46:14
Running from C:\Users\Horst\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2) (x32)
3DMark06 (x32 Version: 1.2.1)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.2.443)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.6154)
Adobe AIR (x32 Version: 1.1.0.5790)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Alien Swarm (x32)
Apple Application Support (x32 Version: 2.1.9)
ATITool Overclocking Utility (x32 Version: 0.26)
AV Voice Changer Software DIAMOND 6.0 (x32)
AviSynth 2.5 (x32)
Batman: Arkham Origins (x32)
BioShock 2 (x32 Version: 1.0.0004.131)
BioShock 2 (x32)
BioShock Infinite (x32)
CCleaner (Version: 3.23)
cFosSpeed v9.04 (Version: 9.04)
Company of Heroes 2 (x32)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6514.5001)
Counter-Strike (x32)
Counter-Strike: Global Offensive (x32)
Counter-Strike: Source (x32)
CPUID CPU-Z 1.58
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.41.3.0173)
Deponia (x32 Version: 1.0)
Diablo III (x32 Version: 1.0.8.16603)
Dishonored German (c) Bethesda version 1 (x32 Version: 1)
DivX-Setup (x32 Version: 2.6.1.3)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
Easy Office Recovery (x32 Version: 1.4)
Emsisoft Anti-Malware 5.1 (x32 Version: 5.1)
ESET Online Scanner v3 (x32)
ESL Wire 1.17.2
ESN Sonar (x32 Version: 0.70.4)
Far Cry 3 (x32 Version: 1.01)
FileZilla Client 3.2.7.1 (x32 Version: 3.2.7.1)
FLV-Media-Player (x32 Version: 2.0.3.2532)
Fraps (remove only) (x32)
Free FLV Converter V 7.6.0 (x32 Version: 7.6.0.0)
Free Hide IP (x32 Version: 3.9.0.8)
Free MP4 Video Converter version 5.0.28.812 (x32 Version: 5.0.28.812)
Freemake Video Downloader (x32 Version: 3.5.3)
Game Booster 3 (x32 Version: 3.4)
Geeks3D.com FurMark 1.10.6 (x32)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.23.0)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32)
Haunted Memories (x32)
HLSW v1.3.2.1 (x32)
HP LaserJet P1000 series (x32)
HPSSupply (x32 Version: 2.1.1.0000)
ICQ7.2 (x32 Version: 7.2)
IrfanView (remove only) (x32 Version: 4.28)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
Java(TM) 7 Update 2 (64-bit) (Version: 7.0.20)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 0.9 (x32 Version: 0.9)
JMicron JMB36X Driver (x32 Version: 1.00.0000)
KeePass Password Safe 1.22 (x32 Version: 1.22)
League of Legends (x32 Version: 1.02.0000)
LOLReplay (x32 Version: 0.7.9.35)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
ManiaPlanet (x32)
ManyCam 3.1.59 (x32 Version: 3.1.59)
MetaTrader 4 (x32 Version: 4.00)
Metro 2033 (x32)
Metro: Last Light (x32)
Microsoft .NET Compact Framework 3.5 (x32 Version: 3.5.7283)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
mIRC (x32 Version: 7.19)
Monaco (x32)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
NC Launcher (GameForge) (x32)
NetMeter 1.1.4 BETA (x32)
Notepad++ (x32 Version: 6.1.6)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
Open Broadcaster Software (x32)
OpenAL (x32)
OpenTTD 1.3.2 (x32 Version: 1.3.2)
Origin (x32 Version: 9.0.2.2065)
osu! (x32 Version: 0.0.0.0)
Overwolf (x32 Version: 0.45.266)
PAYDAY 2 (x32)
Pazera Free MP4 to AVI Converter 1.6 (x32 Version: 1.6)
PC Inspector File Recovery (x32 Version: 4.0)
PDFCreator (x32 Version: 1.4.3)
PerfectDisk 11 Professional (Version: 11.00.174)
Philips Device Manager (x32 Version: 10.1.0.0)
PokerStars.net (x32)
PS3 Video 9 6 (x32 Version: 6)
PunkBuster Services (x32 Version: 0.993)
QuickTime (x32 Version: 7.72.80.56)
Razer DeathAdder(TM) Mouse (x32 Version: 3.00)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Recuva (Version: 1.42)
Rockstar Games Social Club (x32 Version: 1.0.9.5)
SHIELD Streaming (Version: 1.6.34)
ShiftWindow 1.02 (x32)
Sid Meier's Civilization V (x32)
Skype™ 6.6 (x32 Version: 6.6.106)
Source SDK Base 2007 (x32)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
Star Wars: The Old Republic (x32 Version: 1.00)
Steam (x32 Version: 1.0.0.0)
SteelSeries USB Soundcard v1.20
StreamTransport version: 1.0.2.2171 (x32)
SUPERAntiSpyware (Version: 5.0.1118)
System Requirements Lab (x32 Version: 4.1.72.0)
TeamSpeak 3 Client (Version: 3.0.13)
TeamViewer 6 (x32 Version: 6.0.9947)
TeamViewer 7 (x32 Version: 7.0.12979)
TeraCopy 2.27
TJPing 3.0 (x32 Version: 3.0.0)
TmNationsForever (x32)
Tower Wars (x32)
Trojan Killer 2.1 (x32)
Tweak-7 (Version: 1.0 build 1120)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Universal Password Manager (x32 Version: 1.8)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Virtual Audio Cable 4.10
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01)
VLC Codec Pack 2.0.5 (x32 Version: 2.0.5)
VLC media player 2.0.8 (x32 Version: 2.0.8)
VLC media player 2.1.0 (Version: 2.1.0)
Vuze (Version: 5.1.0.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinZip 14.5 (x32 Version: 14.5.9095)
World of Tanks (x32)
XSplit (x32 Version: 1.2.1303.0101)
YGOPro DevPro Version 1.9.7 r2 (x32 Version: 1.9.7 r2)

==================== Restore Points  =========================

04-11-2013 16:39:49 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-04 17:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00A56917-2A60-42B2-AF52-C3FC74410918} - System32\Tasks\{0ABC18A8-64AA-4097-90CC-39D7E8B0298D} => D:\Spiele\Steam\SteamApps\common\grand theft auto iv\GTAIV\LaunchGTAIV.exe [2011-10-03] (Sony DADC Austria AG)
Task: {08CA0E77-753D-4695-8C19-9C98F2CCEC05} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {0B546C66-1641-49E5-AEF1-A031A12DFF8D} - System32\Tasks\{1D300102-F467-45BC-80FE-6D5F75DCD8B9} => D:\Spiele\Steam\SteamApps\common\grand theft auto iv\GTAIV\LaunchGTAIV.exe [2011-10-03] (Sony DADC Austria AG)
Task: {59889EE5-23D4-4ADB-8952-4DC957C43F20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {6AFCDF15-2B6F-4506-85C4-53B698271189} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {7E6FC815-C7CD-4CC5-90F5-DC5609F65296} - \Dealply No Task File
Task: {80ECC005-D699-44A5-B88B-D1CA09649BEA} - System32\Tasks\{54928D10-7FFF-4F94-B5EA-C6D781926126} => D:\Spiele\Steam\SteamApps\common\grand theft auto iv\GTAIV\GTAIV.exe [2010-04-29] (Take-Two Interactive Software, Inc.)
Task: {8150EF67-FC4C-43EE-8CC9-19EA1C43F1DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core => C:\Users\Horst\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {8302FEA5-554C-40B1-A648-E1719EA937D1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA => C:\Users\Horst\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {950A0863-FD4B-4349-B500-928364AA52DD} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {B153C34D-14CC-4283-BFC6-DD3E21B7A8B5} - System32\Tasks\cFosTASK => C:\Windows\BOX_cFosTASK.exe
Task: {B2D9EBF3-0628-4E11-9A63-2F149C7410AD} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\Autoupdate.exe [2013-09-13] ()
Task: {BDBB9BF9-6F3B-40CB-A14D-B1C05C01BBCF} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {C859CD7C-33FC-456E-A61E-D04914ED7473} - \Desk 365 RunAsStdUser No Task File
Task: {C887F4BB-EEB6-4850-85A3-F68BE99F0886} - System32\Tasks\{2BF3A2FF-B022-4DFB-BBEF-DFECF5571A1C} => D:\Spiele\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
Task: {D983F972-D0B8-4503-9B5D-C8229666EEB5} - System32\Tasks\{01D93FFF-22AB-4C73-9EA8-9541100EAB6D} => F:\mp3.exe
Task: {E2FA3F57-CA23-4062-B695-5A07756FBC70} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {F6B4DA8A-12CA-4798-B3B5-B5A938C0D17E} - System32\Tasks\{CFF2BD97-61C3-4E31-BB52-12EC42874460} => F:\WMP10\WMP_Deu.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core.job => C:\Users\Horst\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA.job => C:\Users\Horst\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-08-23 18:24 - 2009-08-23 18:24 - 00098304 _____ () D:\Tools\FileZilla FTP Client\fzshellext_64.dll
2013-07-31 01:19 - 2011-10-26 16:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2013-07-31 01:19 - 2011-10-26 16:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-23 11:53 - 2013-10-23 11:53 - 00043936 _____ () C:\Program Files (x86)\Overwolf\x64\OWExplorer-20015.dll
2013-02-27 16:15 - 2013-10-03 23:05 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-02-27 16:15 - 2013-10-03 23:05 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-02-27 16:15 - 2013-10-03 23:05 - 00186344 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-02-27 16:15 - 2013-10-03 23:05 - 00565224 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 13:41 - 2013-10-03 23:05 - 00700904 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2013-10-23 11:53 - 2013-10-23 11:53 - 00078240 _____ () C:\Program Files (x86)\Overwolf\OWExplorer-20015.dll
2013-09-17 18:48 - 2013-09-17 18:48 - 03279768 _____ () D:\WWW\Mozilla Firefox\mozjs.dll
2013-10-10 06:50 - 2013-10-10 06:50 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
2013-09-04 07:54 - 2013-10-18 16:34 - 00124928 _____ () D:\Spiele\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.190\deploy\RiotLauncher.dll
2011-12-16 17:51 - 2011-12-16 17:51 - 13923280 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2011-12-16 14:37 - 2011-12-16 14:37 - 00018784 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A
AlternateDataStreams: C:\Users\Horst\Downloads\OriginalMail.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/04/2013 06:59:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/04/2013 05:39:50 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1977762175-4045540315-2714105810-1007.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {9ca1940f-85a5-42be-8094-c841f13f477a}


System errors:
=============
Error: (11/04/2013 05:59:32 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM
Uim_VIM

Error: (11/04/2013 05:47:45 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
UimBus
Uim_IM
Uim_VIM

Error: (11/04/2013 05:46:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/04/2013 05:46:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/04/2013 05:45:44 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/04/2013 05:44:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/04/2013 05:37:42 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2013 05:37:38 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ESL Wire Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2013 05:37:32 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PDAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2013 05:37:02 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Acronis Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (03/13/2011 11:58:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/13/2011 11:46:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/13/2011 11:45:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-11-04 17:59:06.378
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:59:06.378
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:47:17.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:47:17.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:45:44.468
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:45:44.468
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:31:57.109
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-04 17:31:57.109
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-03 11:53:02.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-03 11:53:02.596
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 4087.12 MB
Available physical RAM: 1617.31 MB
Total Pagefile: 8172.43 MB
Available Pagefile: 5316.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.9 GB) (Free:6.24 GB) NTFS
Drive d: () (Fixed) (Total:450 GB) (Free:124.18 GB) NTFS
Drive e: () (Fixed) (Total:381.51 GB) (Free:170.7 GB) NTFS
Drive g: () (Fixed) (Total:931.28 GB) (Free:797.7 GB) FAT32
Drive h: (Batman: Arkham Origins Disc 3) (CDROM) (Total:1.33 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0EF270DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=382 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 4EED442A)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0B)

==================== End Of Log ============================

aharonov · 04.11.2013, 22:18

Mach bitte auch noch einen FRST-Scan aus der RE:

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)

Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)

Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST 64-Bit

Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.

Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:

Über den Boot Manager:

Starte den Rechner neu.

Während dem Hochfahren drücke mehrmals die F8 Taste

Wähle nun Computer reparieren.

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD (auch bei Windows 8 möglich):

Lege die Windows CD in dein Laufwerk.

Starte den Rechner neu und starte von der CD.

Wähle die Spracheinstellungen und klicke "Weiter".

Klicke auf Computerreparaturoptionen !

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Wähle in den Reparaturoptionen: Eingabeaufforderung

Gib nun bitte notepad ein und drücke Enter.

Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.

Schließe Notepad wieder

Gib nun bitte folgenden Befehl ein.
e:\frst.exe bzw. e:\frst64.exe
Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.

Akzeptiere den Disclaimer mit Ja und klicke Untersuchen

Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

hehejo · 05.11.2013, 00:14

Kann ich FRST auch auf eine externe Festplatte drauf packen und von da aus starten? Das sollte doch gehen oder? Finde auf die schnelle leider keinen USB Stick

aharonov · 05.11.2013, 09:15

Ja das klappt natürlich auch.

hehejo · 07.11.2013, 16:18

Das mit der externen Festplatte scheint nicht zu funktionieren.

Bin nach der Anleitung vorgegangen und komme bis Punk 4.

Wenn ich dann

G: Eingebe steht da: Das Gerät ist nicht bereit.

Liegt es daran, dass die Festplatte in FAT32 formatiert ist?

Oder liegt es an was anderen?

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by SYSTEM on MININT-PTAD2C8 on 05-11-2013 18:44:05
Running from H:\
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cm108Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [cFosSpeed] - C:\Program Files\cFosSpeed\cfosspeed.exe [1587040 2013-04-19] (cFos Software GmbH)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [251392 2010-05-05] ()
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Horst\...\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] - C:\Program Files (x86)\NetMeter\NetMeter.exe [293888 2009-08-09] ()
HKU\Horst\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf)
HKU\Horst\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\Horst\...\Policies\system: [LogonHoursAction] 2
HKU\Horst\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser.Horst-PC\...\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] - C:\Program Files (x86)\NetMeter\NetMeter.exe [293888 2009-08-09] ()
HKU\UpdatusUser.Horst-PC\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35256 2013-10-23] (Overwolf)
HKU\UpdatusUser.Horst-PC\...\Run: [Google Update] - C:\Users\Horst\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)
HKU\UpdatusUser.Horst-PC\...\Policies\system: [LogonHoursAction] 2
HKU\UpdatusUser.Horst-PC\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
BootExecute: PDBoot.exeautocheck autochk * 

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2013-04-17] (SUPERAntiSpyware.com)
S4 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208 2011-06-30] (Emsi Software GmbH)
S2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [480096 2013-04-19] (cFos Software GmbH)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
S4 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-20] ()
S4 Tweak7SystemService; C:\Windows\system32\Tweak7SystemService.exe [71392 2011-09-13] (Totalidea Software)
S4 EslWireHelper; D:\Tools\EslWire\service\WireHelperSvc.exe [x]
S3 Microsoft Office Groove Audit Service; "D:\Büro\Microsoft Office\Office12\GrooveAuditService.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [85800 2011-02-20] (Emsi Software GmbH)
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
S2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20456 2010-03-10] (Windows (R) Win 7 DDK provider)
S2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-08] (DT Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-08-08] (Turtle Entertainment GmbH)
S0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [156176 2013-09-24] (<Turtle Entertainment>)
S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [7808 2011-01-18] (SweetLow)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 salmosa; C:\Windows\System32\drivers\salmosa.sys [11904 2008-03-20] (Razer (Asia-Pacific) Pte Ltd)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology)
S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology)
S0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [145360 2010-02-12] (Sun Microsystems, Inc.)
S0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-03-13] (Acronis)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ATICDSDr; \??\C:\Users\Horst\AppData\Local\Temp\ATICDSDr.sys [x]
S3 BioNTDrv; \??\E:\Sicherheit&Backup\Paragon\program\BioNTDrv.SYS [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; \??\C:\Users\Horst\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 MSICDSetup; \??\F:\CDriver64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 USBMULCD; system32\drivers\CM10664.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 X6va005; \??\C:\Users\Horst\AppData\Local\Temp\0053929.tmp [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 18:26 - 2013-11-05 18:26 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Horst\Downloads\HPUSBFW_v2.2.3.exe
2013-11-05 14:20 - 2013-11-05 14:20 - 03736125 _____ C:\Users\Horst\Downloads\testdisk-6.14.win.zip
2013-11-05 14:20 - 2013-11-05 14:20 - 00000000 ____D C:\Users\Horst\Downloads\testdisk-6.14.win
2013-11-04 21:46 - 2013-11-04 21:50 - 00070509 _____ C:\Users\Horst\Desktop\FRST.txt
2013-11-04 21:46 - 2013-11-04 21:46 - 00029004 _____ C:\Users\Horst\Desktop\Addition.txt
2013-11-04 21:45 - 2013-11-04 21:45 - 00000000 ____D C:\FRST
2013-11-04 21:41 - 2013-11-04 21:41 - 01957098 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2013-11-04 17:53 - 2013-11-04 17:53 - 01073258 _____ C:\Users\Horst\Downloads\AdwCleaner.exe
2013-11-04 17:50 - 2013-11-04 17:50 - 00029987 _____ C:\ComboFix.txt
2013-11-04 17:39 - 2013-11-04 17:50 - 00000000 ____D C:\ComboFix
2013-11-04 17:39 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-04 17:39 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-04 17:39 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-04 17:39 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-04 17:36 - 2013-11-04 17:50 - 00000000 ____D C:\Qoobox
2013-11-04 17:36 - 2013-11-04 17:49 - 00000000 ____D C:\Windows\erdnt
2013-11-04 17:34 - 2013-11-04 17:34 - 00010681 _____ C:\Users\Horst\Desktop\JRT.txt
2013-11-04 17:29 - 2013-11-04 17:29 - 05143677 ____R (Swearware) C:\Users\Horst\Downloads\ComboFix.exe
2013-11-04 17:28 - 2013-11-04 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-11-04 17:27 - 2013-11-04 17:27 - 01033335 _____ (Thisisu) C:\Users\Horst\Downloads\JRT.exe
2013-10-28 22:34 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-10-28 22:34 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433165.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433165.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-10-28 22:34 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-28 22:34 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco64.dll
2013-10-28 22:33 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2013-10-28 22:33 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 22:31 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2013-10-28 22:31 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 17:57 - 2013-10-28 17:57 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (6)
2013-10-28 12:31 - 2013-10-28 12:31 - 00000000 ____D C:\ProgramData\Overwolf
2013-10-27 04:28 - 2013-10-27 04:28 - 00001167 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-27 04:15 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433158.dll
2013-10-27 04:15 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433158.dll
2013-10-25 14:46 - 2013-10-25 14:46 - 00000000 ____D C:\Users\Horst\AppData\Local\EMU
2013-10-25 01:13 - 2013-10-25 01:13 - 00000000 ____D C:\ProgramData\Steam
2013-10-24 19:39 - 2013-10-24 19:57 - 832887269 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar.part
2013-10-24 19:39 - 2013-10-24 19:39 - 00000000 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\UpdatusUser.Horst-PC\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\Horst\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-10-23 11:26 - 2013-10-23 11:26 - 04569784 _____ C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor.zip
2013-10-23 11:07 - 2013-10-23 11:07 - 00000729 _____ C:\Users\Horst\Downloads\Letzter Countdown.ydk
2013-10-23 11:07 - 2013-10-23 11:06 - 00000701 _____ C:\Users\Horst\Downloads\Drachen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000685 _____ C:\Users\Horst\Downloads\05.Die Heiligen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000486 _____ C:\Users\Horst\Downloads\SD Yugi.ydk
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-23 00:34 - 2013-10-23 00:34 - 00000583 _____ C:\Users\Horst\Downloads\Geku LS.ydk
2013-10-23 00:34 - 2013-10-23 00:34 - 00000579 _____ C:\Users\Horst\Downloads\best laval.ydk
2013-10-23 00:33 - 2013-10-23 00:33 - 00000732 _____ C:\Users\Horst\Downloads\2.My-aim-boxin.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000656 _____ C:\Users\Horst\Downloads\Chaos Plant.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000579 _____ C:\Users\Horst\Downloads\Chaossworn.ydk
2013-10-22 16:28 - 2013-10-22 16:27 - 00000739 _____ C:\Users\Horst\Downloads\002 Fabelds.ydk
2013-10-22 16:27 - 2013-10-22 16:27 - 00000732 _____ C:\Users\Horst\Downloads\3.Flame.Star.3-Axis.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000738 _____ C:\Users\Horst\Downloads\1.edragons.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000735 _____ C:\Users\Horst\Downloads\006 Prophecy.ydk
2013-10-22 16:10 - 2013-10-22 16:10 - 00000583 _____ C:\Users\Horst\Downloads\Fire King Fleur.ydk
2013-10-22 14:35 - 2013-10-22 14:35 - 247763201 _____ (YGOPro DevPro Online                                        ) C:\Users\Horst\Downloads\SetupDevPro1.9.7r2new.exe
2013-10-20 17:47 - 2013-10-20 17:47 - 00000936 _____ C:\Users\Public\Desktop\Deponia.lnk
2013-10-20 17:47 - 2013-10-20 17:47 - 00000000 ____D C:\Users\Horst\AppData\Local\Daedalic Entertainment
2013-10-20 12:09 - 2013-10-20 12:09 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 12:09 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-20 12:09 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-20 12:09 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-20 12:09 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-20 12:08 - 2013-10-20 12:09 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 11:50 - 2013-10-27 19:54 - 01710409 _____ C:\Users\Horst\Desktop\Original_Wettmanager_2.02.xlsx
2013-10-17 11:47 - 2013-10-17 11:47 - 00051712 _____ C:\Users\Horst\Downloads\Kopie von Gesamtübersicht.xls
2013-10-17 11:41 - 2013-10-17 11:41 - 00127488 _____ C:\Users\Horst\Downloads\BetmanagerAD_version_3.xls
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Program Files\Realtek
2013-10-16 10:15 - 2013-03-29 20:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-10-16 10:15 - 2013-03-29 17:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-10-16 10:15 - 2013-03-29 16:52 - 00914992 _____ (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-10-16 10:15 - 2013-03-29 16:10 - 00449481 _____ C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-10-16 10:15 - 2013-03-27 15:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-10-16 10:15 - 2013-03-26 16:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-10-16 10:15 - 2013-03-26 16:04 - 02734624 _____ (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-10-16 10:15 - 2013-03-26 14:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-10-16 10:15 - 2013-03-26 13:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-10-16 10:15 - 2013-03-25 16:32 - 03180264 _____ C:\Windows\System32\Drivers\rtvienna.dat
2013-10-16 10:15 - 2013-03-23 02:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-10-16 10:15 - 2013-03-20 12:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioVnA64.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 02102040 _____ (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 01900312 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek264.dll
2013-10-16 10:15 - 2013-03-20 12:16 - 00910104 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell64.dll
2013-10-16 10:15 - 2013-03-15 18:34 - 04957976 _____ (A-volute) C:\Windows\System32\RTKSMlfx.dll
2013-10-16 10:15 - 2013-03-15 18:33 - 00887640 _____ (A-Volute) C:\Windows\System32\RTKSMSettingsIPC.dll
2013-10-16 10:15 - 2013-03-12 17:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtDataProc64.dll
2013-10-16 10:15 - 2013-03-08 11:51 - 00904752 _____ (Sony Corporation) C:\Windows\System32\MISS_APO.dll
2013-10-16 10:15 - 2013-02-28 12:10 - 14021912 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek64.dll
2013-10-16 10:15 - 2013-02-28 12:10 - 02032408 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00823072 _____ (SRS Labs, Inc.) C:\Windows\System32\slcnt64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00633632 _____ (SRS Labs, Inc.) C:\Windows\System32\sltech64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00517408 _____ (SRS Labs, Inc.) C:\Windows\System32\sl3apo64.dll
2013-10-16 10:15 - 2013-02-27 04:37 - 00213792 _____ (TODO: <Company name>) C:\Windows\System32\slprp64.dll
2013-10-16 10:15 - 2013-02-21 16:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\System32\tossaeapo64.dll
2013-10-16 10:15 - 2013-02-21 16:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\System32\toseaeapo64.dll
2013-10-16 10:15 - 2013-02-21 16:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\System32\tosasfapo64.dll
2013-10-16 10:15 - 2013-02-20 17:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-10-16 10:15 - 2013-02-19 17:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-10-16 10:15 - 2013-01-17 18:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO5064.dll
2013-10-16 10:15 - 2012-12-12 10:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00501192 _____ (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00487368 _____ (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-10-16 10:15 - 2012-10-02 13:41 - 00415688 _____ (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-10-16 10:15 - 2012-09-10 19:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO4064.dll
2013-10-16 10:15 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-10-16 10:15 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-10-16 10:15 - 2012-07-15 20:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxVolumeSDAPO.dll
2013-10-16 10:15 - 2012-06-20 16:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2013-10-16 10:15 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-10-16 10:15 - 2012-01-30 10:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\System32\tadefxapo264.dll
2013-10-16 10:15 - 2012-01-10 09:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\System32\tepeqapo64.dll
2013-10-16 10:15 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-10-16 10:15 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\System32\SFNHK64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\System32\SFCOM64.dll
2013-10-16 10:15 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\System32\SFAPO64.dll
2013-10-16 10:15 - 2011-08-23 16:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\System32\KAAPORT64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\System32\DTSS2SpeakerDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\System32\DTSBoostDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\System32\DTSBassEnhancementDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\System32\DTSSymmetryDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\System32\DTSVoiceClarityDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\System32\DTSNeoPCDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\System32\DTSLimiterDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\System32\DTSGainCompensatorDLL64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\System32\DTSLFXAPO64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\System32\DTSGFXAPO64.dll
2013-10-16 10:15 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\System32\DTSGFXAPONS64.dll
2013-10-16 10:15 - 2011-03-17 11:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\System32\tosade.dll
2013-10-16 10:15 - 2011-03-07 16:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\System32\tadefxapo.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-10-16 10:15 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-10-16 10:15 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-10-16 10:15 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-10-16 10:15 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-10-16 10:15 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-10-16 10:12 - 2013-10-16 10:12 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-16 10:11 - 2013-10-16 10:11 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\Horst\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-10-14 20:53 - 2013-10-14 20:53 - 00000000 ____D C:\Users\Horst\Downloads\ipstorage
2013-10-14 20:43 - 2013-10-14 20:44 - 00000000 ____D C:\Users\Horst\Downloads\cache
2013-10-14 20:43 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\languages
2013-10-14 20:38 - 2013-10-14 20:38 - 00002665 _____ C:\Users\Public\Desktop\TJPing.lnk
2013-10-14 20:38 - 2013-10-14 20:38 - 00000000 ____D C:\Program Files (x86)\Top Jimmy Software
2013-10-14 20:31 - 2013-10-16 19:28 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (5)
2013-10-13 13:30 - 2013-10-13 13:30 - 00000209 _____ C:\Users\Horst\Desktop\Tower Wars.url
2013-10-12 17:51 - 2013-10-12 17:51 - 00096872 _____ (Spotify Ltd) C:\Users\Horst\Downloads\SpotifySetup.exe
2013-10-12 15:56 - 2013-10-12 15:56 - 00000000 ____D C:\Users\Horst\AppData\Local\My Games
2013-10-12 15:55 - 2013-10-27 04:29 - 00109878 _____ C:\Windows\DirectX.log
2013-10-12 15:46 - 2013-10-12 15:46 - 00000207 _____ C:\Users\Horst\Desktop\Sid Meier's Civilization V.url
2013-10-11 06:21 - 2013-10-11 06:21 - 00000687 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-09 06:07 - 2013-10-09 06:07 - 00000209 _____ C:\Users\Horst\Desktop\Haunted Memories.url
2013-10-08 17:44 - 2013-10-08 17:44 - 00000000 ____D C:\Users\Horst\Downloads\de_cache_csgo
2013-10-08 00:18 - 2013-10-08 00:18 - 13452423 _____ C:\Users\Horst\Downloads\de_cache_csgo.zip
2013-10-07 23:43 - 2013-10-07 23:43 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Bioshock2Steam
2013-10-06 12:05 - 2013-10-06 12:09 - 00000000 ____D C:\Users\Horst\Documents\Battlefield 4

==================== One Month Modified Files and Folders =======

2013-11-05 18:40 - 2013-08-17 17:23 - 00501910 _____ C:\Windows\WindowsUpdate.log
2013-11-05 18:40 - 2010-01-13 18:39 - 00000000 ____D C:\Users\Horst\AppData\Roaming\TS3Client
2013-11-05 18:26 - 2013-11-05 18:26 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Horst\Downloads\HPUSBFW_v2.2.3.exe
2013-11-05 18:20 - 2012-12-03 19:41 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core.job
2013-11-05 18:12 - 2012-12-03 19:41 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA.job
2013-11-05 17:50 - 2012-09-17 19:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 15:50 - 2012-03-09 17:31 - 00000000 ____D C:\Users\Horst\Desktop\fun
2013-11-05 14:20 - 2013-11-05 14:20 - 03736125 _____ C:\Users\Horst\Downloads\testdisk-6.14.win.zip
2013-11-05 14:20 - 2013-11-05 14:20 - 00000000 ____D C:\Users\Horst\Downloads\testdisk-6.14.win
2013-11-05 13:42 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-05 13:42 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-05 12:59 - 2009-07-14 18:58 - 00711272 _____ C:\Windows\System32\perfh007.dat
2013-11-05 12:59 - 2009-07-14 18:58 - 00154258 _____ C:\Windows\System32\perfc007.dat
2013-11-05 12:59 - 2009-07-14 06:13 - 01652510 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-05 12:53 - 2013-10-05 22:51 - 00011930 _____ C:\Windows\setupact.log
2013-11-05 12:53 - 2012-04-10 23:04 - 00000000 ____D C:\Users\Horst\AppData\Local\Overwolf
2013-11-05 12:53 - 2011-10-01 11:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-05 12:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 12:31 - 2013-10-05 23:06 - 00022854 _____ C:\Windows\PFRO.log
2013-11-05 00:35 - 2012-06-04 20:21 - 00000000 ____D C:\Users\Horst\AppData\Roaming\vlc
2013-11-04 21:50 - 2013-11-04 21:46 - 00070509 _____ C:\Users\Horst\Desktop\FRST.txt
2013-11-04 21:46 - 2013-11-04 21:46 - 00029004 _____ C:\Users\Horst\Desktop\Addition.txt
2013-11-04 21:45 - 2013-11-04 21:45 - 00000000 ____D C:\FRST
2013-11-04 21:41 - 2013-11-04 21:41 - 01957098 _____ (Farbar) C:\Users\Horst\Desktop\FRST64.exe
2013-11-04 17:56 - 2013-08-25 02:34 - 00000000 ____D C:\AdwCleaner
2013-11-04 17:53 - 2013-11-04 17:53 - 01073258 _____ C:\Users\Horst\Downloads\AdwCleaner.exe
2013-11-04 17:50 - 2013-11-04 17:50 - 00029987 _____ C:\ComboFix.txt
2013-11-04 17:50 - 2013-11-04 17:39 - 00000000 ____D C:\ComboFix
2013-11-04 17:50 - 2013-11-04 17:36 - 00000000 ____D C:\Qoobox
2013-11-04 17:49 - 2013-11-04 17:36 - 00000000 ____D C:\Windows\erdnt
2013-11-04 17:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-04 17:46 - 2012-03-13 20:32 - 00262144 _____ C:\Windows\System32\config\SECURITY.bak
2013-11-04 17:46 - 2012-02-05 17:19 - 00036864 _____ C:\Windows\System32\config\SAM.bak
2013-11-04 17:46 - 2011-10-29 19:37 - 69730304 _____ C:\Windows\System32\config\SOFTWARE.bak
2013-11-04 17:46 - 2011-09-28 15:22 - 27787264 _____ C:\Windows\System32\config\SYSTEM.bak
2013-11-04 17:46 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\System32\config\DEFAULT.bak
2013-11-04 17:34 - 2013-11-04 17:34 - 00010681 _____ C:\Users\Horst\Desktop\JRT.txt
2013-11-04 17:29 - 2013-11-04 17:29 - 05143677 ____R (Swearware) C:\Users\Horst\Downloads\ComboFix.exe
2013-11-04 17:28 - 2013-11-04 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-11-04 17:27 - 2013-11-04 17:27 - 01033335 _____ (Thisisu) C:\Users\Horst\Downloads\JRT.exe
2013-11-04 09:07 - 2011-09-08 20:28 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-03 12:01 - 2010-02-09 20:13 - 00000000 ____D C:\Users\Horst\AppData\Roaming\mIRC
2013-11-01 20:26 - 2013-10-05 22:15 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-28 22:42 - 2013-09-10 13:42 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-10-28 22:37 - 2012-02-22 18:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 22:33 - 2012-02-22 18:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 22:33 - 2011-10-01 10:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-28 17:57 - 2013-10-28 17:57 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (6)
2013-10-28 16:47 - 2013-06-13 18:53 - 00000000 ____D C:\Users\Horst\Desktop\Bewerbungen Hannover
2013-10-28 12:31 - 2013-10-28 12:31 - 00000000 ____D C:\ProgramData\Overwolf
2013-10-27 19:54 - 2013-10-17 11:50 - 01710409 _____ C:\Users\Horst\Desktop\Original_Wettmanager_2.02.xlsx
2013-10-27 04:29 - 2013-10-12 15:55 - 00109878 _____ C:\Windows\DirectX.log
2013-10-27 04:28 - 2013-10-27 04:28 - 00001167 _____ C:\Users\Public\Desktop\Batman Arkham Origins.lnk
2013-10-26 10:45 - 2013-10-05 22:54 - 00000000 ____D C:\users\UpdatusUser.Horst-PC
2013-10-25 14:46 - 2013-10-25 14:46 - 00000000 ____D C:\Users\Horst\AppData\Local\EMU
2013-10-25 01:13 - 2013-10-25 01:13 - 00000000 ____D C:\ProgramData\Steam
2013-10-25 01:13 - 2011-11-27 05:28 - 00000000 ____D C:\Users\Horst\Documents\WB Games
2013-10-24 19:57 - 2013-10-24 19:39 - 832887269 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar.part
2013-10-24 19:39 - 2013-10-24 19:39 - 00000000 _____ C:\Users\Horst\Downloads\How_to_Survive___by_Creyplays.rar
2013-10-23 11:30 - 2013-10-28 22:34 - 30344480 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 25257248 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 18199872 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 12572960 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 22:34 - 11426568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 11374520 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 03131680 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 03124512 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00696096 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00655136 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-10-23 11:30 - 2013-10-28 22:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 18286416 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 03067560 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-02-22 18:15 - 01435504 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-10-23 11:30 - 2011-10-25 16:23 - 00023287 _____ C:\Windows\System32\nvinfo.pb
2013-10-23 11:30 - 2011-02-13 10:52 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Sun
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\UpdatusUser.Horst-PC\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00001477 _____ C:\Users\Horst\Desktop\JDownloaderPasswordDecryptor.lnk
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor
2013-10-23 11:27 - 2013-10-23 11:27 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-10-23 11:26 - 2013-10-23 11:26 - 04569784 _____ C:\Users\Horst\Downloads\JDownloaderPasswordDecryptor.zip
2013-10-23 11:07 - 2013-10-23 11:07 - 00000729 _____ C:\Users\Horst\Downloads\Letzter Countdown.ydk
2013-10-23 11:06 - 2013-10-23 11:07 - 00000701 _____ C:\Users\Horst\Downloads\Drachen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000685 _____ C:\Users\Horst\Downloads\05.Die Heiligen.ydk
2013-10-23 11:06 - 2013-10-23 11:06 - 00000486 _____ C:\Users\Horst\Downloads\SD Yugi.ydk
2013-10-23 09:20 - 2012-02-22 18:16 - 03426956 _____ C:\Windows\System32\nvcoproc.bin
2013-10-23 09:20 - 2012-02-22 18:16 - 02559776 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 06669600 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 03489568 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 00922912 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-10-23 09:20 - 2012-02-22 18:14 - 00219424 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-10-23 09:20 - 2012-02-22 18:14 - 00063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-23 00:34 - 2013-10-23 00:34 - 00000583 _____ C:\Users\Horst\Downloads\Geku LS.ydk
2013-10-23 00:34 - 2013-10-23 00:34 - 00000579 _____ C:\Users\Horst\Downloads\best laval.ydk
2013-10-23 00:33 - 2013-10-23 00:33 - 00000732 _____ C:\Users\Horst\Downloads\2.My-aim-boxin.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000656 _____ C:\Users\Horst\Downloads\Chaos Plant.ydk
2013-10-22 23:30 - 2013-10-22 23:30 - 00000579 _____ C:\Users\Horst\Downloads\Chaossworn.ydk
2013-10-22 17:43 - 2013-09-25 23:22 - 00000000 ____D C:\Users\Horst\AppData\Roaming\QuickScan
2013-10-22 16:27 - 2013-10-22 16:28 - 00000739 _____ C:\Users\Horst\Downloads\002 Fabelds.ydk
2013-10-22 16:27 - 2013-10-22 16:27 - 00000732 _____ C:\Users\Horst\Downloads\3.Flame.Star.3-Axis.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000738 _____ C:\Users\Horst\Downloads\1.edragons.ydk
2013-10-22 16:26 - 2013-10-22 16:26 - 00000735 _____ C:\Users\Horst\Downloads\006 Prophecy.ydk
2013-10-22 16:10 - 2013-10-22 16:10 - 00000583 _____ C:\Users\Horst\Downloads\Fire King Fleur.ydk
2013-10-22 14:35 - 2013-10-22 14:35 - 247763201 _____ (YGOPro DevPro Online                                        ) C:\Users\Horst\Downloads\SetupDevPro1.9.7r2new.exe
2013-10-20 17:47 - 2013-10-20 17:47 - 00000936 _____ C:\Users\Public\Desktop\Deponia.lnk
2013-10-20 17:47 - 2013-10-20 17:47 - 00000000 ____D C:\Users\Horst\AppData\Local\Daedalic Entertainment
2013-10-20 17:44 - 2009-12-30 13:25 - 00000000 ____D C:\Users\Horst\AppData\Roaming\DAEMON Tools Lite
2013-10-20 17:32 - 2013-10-05 22:16 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-20 17:32 - 2013-10-05 22:16 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-20 17:32 - 2011-10-01 11:26 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-20 12:09 - 2013-10-20 12:09 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 12:09 - 2013-10-20 12:08 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-20 12:09 - 2009-12-30 15:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 11:44 - 2013-04-14 23:21 - 00000000 ____D C:\Program Files (x86)\OBS
2013-10-19 12:16 - 2012-04-07 23:48 - 00002370 _____ C:\Users\Horst\Desktop\Google Chrome.lnk
2013-10-18 02:36 - 2013-10-28 22:33 - 01063200 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 22:33 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 11:47 - 2013-10-17 11:47 - 00051712 _____ C:\Users\Horst\Downloads\Kopie von Gesamtübersicht.xls
2013-10-17 11:46 - 2012-11-04 21:51 - 00239616 _____ C:\Users\Horst\Downloads\Monatsvorlage.xls
2013-10-17 11:41 - 2013-10-17 11:41 - 00127488 _____ C:\Users\Horst\Downloads\BetmanagerAD_version_3.xls
2013-10-16 19:28 - 2013-10-14 20:31 - 00000000 ____D C:\Users\Horst\Desktop\Neuer Ordner (5)
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-10-16 10:16 - 2013-10-16 10:16 - 00000000 ____D C:\Program Files\Realtek
2013-10-16 10:15 - 2009-12-30 01:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-16 10:12 - 2013-10-16 10:12 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-16 10:11 - 2013-10-16 10:11 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\Horst\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-10-16 01:48 - 2013-10-27 04:15 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-27 04:15 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433158.dll
2013-10-15 11:17 - 2013-05-16 20:11 - 00000000 ____D C:\Users\Horst\Desktop\Schule dies das
2013-10-14 20:53 - 2013-10-14 20:53 - 00000000 ____D C:\Users\Horst\Downloads\ipstorage
2013-10-14 20:44 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\cache
2013-10-14 20:43 - 2013-10-14 20:43 - 00000000 ____D C:\Users\Horst\Downloads\languages
2013-10-14 20:38 - 2013-10-14 20:38 - 00002665 _____ C:\Users\Public\Desktop\TJPing.lnk
2013-10-14 20:38 - 2013-10-14 20:38 - 00000000 ____D C:\Program Files (x86)\Top Jimmy Software
2013-10-13 13:30 - 2013-10-13 13:30 - 00000209 _____ C:\Users\Horst\Desktop\Tower Wars.url
2013-10-13 12:30 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-12 17:51 - 2013-10-12 17:51 - 00096872 _____ (Spotify Ltd) C:\Users\Horst\Downloads\SpotifySetup.exe
2013-10-12 15:56 - 2013-10-12 15:56 - 00000000 ____D C:\Users\Horst\AppData\Local\My Games
2013-10-12 15:55 - 2010-12-29 20:16 - 00000000 ____D C:\Users\Horst\Documents\My Games
2013-10-12 15:46 - 2013-10-12 15:46 - 00000207 _____ C:\Users\Horst\Desktop\Sid Meier's Civilization V.url
2013-10-11 13:30 - 2010-01-04 19:19 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-10-11 06:21 - 2013-10-11 06:21 - 00000687 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-11 03:29 - 2009-12-29 15:49 - 00009956 _____ C:\Users\Horst\Desktop\ESL WAC PROOF HACK. How to.txt
2013-10-10 06:50 - 2012-09-17 19:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 06:50 - 2012-09-17 19:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 06:50 - 2011-09-20 23:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 06:07 - 2013-10-09 06:07 - 00000209 _____ C:\Users\Horst\Desktop\Haunted Memories.url
2013-10-09 05:55 - 2011-09-10 19:58 - 00000000 ____D C:\ProgramData\IObit
2013-10-08 17:44 - 2013-10-08 17:44 - 00000000 ____D C:\Users\Horst\Downloads\de_cache_csgo
2013-10-08 17:07 - 2012-12-03 19:41 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001UA
2013-10-08 17:07 - 2012-12-03 19:41 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1977762175-4045540315-2714105810-1001Core
2013-10-08 06:50 - 2013-10-20 12:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 06:46 - 2013-10-20 12:09 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 06:46 - 2013-10-20 12:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 06:46 - 2013-10-20 12:09 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 00:18 - 2013-10-08 00:18 - 13452423 _____ C:\Users\Horst\Downloads\de_cache_csgo.zip
2013-10-07 23:43 - 2013-10-07 23:43 - 00000000 ____D C:\Users\Horst\AppData\Roaming\Bioshock2Steam
2013-10-07 13:49 - 2013-09-29 08:33 - 00000000 ____D C:\Users\Horst\AppData\Local\Comodo
2013-10-07 13:49 - 2013-08-19 01:25 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-06 12:09 - 2013-10-06 12:05 - 00000000 ____D C:\Users\Horst\Documents\Battlefield 4
2013-10-06 12:05 - 2011-10-27 19:22 - 00000000 ____D C:\ProgramData\Origin
2013-10-06 12:05 - 2010-06-26 20:30 - 00000000 ____D C:\Users\Horst\AppData\Local\PunkBuster

Some content of TEMP:
====================
C:\Users\Horst\AppData\Local\Temp\Quarantine.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 4087.12 MB
Available physical RAM: 3448.36 MB
Total Pagefile: 4085.27 MB
Available Pagefile: 3436.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.9 GB) (Free:6.55 GB) NTFS
Drive e: () (Fixed) (Total:450 GB) (Free:124.18 GB) NTFS
Drive f: () (Fixed) (Total:381.51 GB) (Free:108.13 GB) NTFS
Drive h: () (Fixed) (Total:931.51 GB) (Free:931.39 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0EF270DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=382 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 0132ECF3)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)


LastRegBack: 2013-06-11 09:34

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Gibts noch irgendwas, was ich tun kann?

Keine weiteren Anweisungen?

aharonov · 08.11.2013, 00:53

Hi,

nicht wirklich was zu sehen.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

aharonov · 17.11.2013, 22:13

Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.

05.11.2013, 09:15	#6
aharonov /// TB-Ausbilder	Mail delivery failed: returning message to sender Ja das klappt natürlich auch. __________________ --> Mail delivery failed: returning message to sender

Mail delivery failed: returning message to sender

Plagegeister aller Art und deren Bekämpfung: Mail delivery failed: returning message to sender