Log analysis and evaluation: JS/BlacoleRef.DD.38 in Firefox Cache Win 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
13.11.2013, 13:42 | #1 |
JS/BlacoleRef.DD.38 in Firefox Cache Win 7
Hi dear board users, I got this message from AntiVir today (and had it removed). I hope I have put together everything that is needed:
AntiVir reports:
Code:
AppData\Local\Mozilla\Firefox\Profiles\bvwq14qf.default\Cache\_CACHE_003_' wurde ein Virus oder unerwünschtes Programm 'JS/BlacoleRef.DD.38' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:03 on 13/11/2013 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST.txt:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2013 Ran by User (administrator) on User-PC on 13-11-2013 13:06:28 Running from C:\Users\User\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (FontExplorer X) C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe (SafeNet Inc.) C:\Windows\system32\hasplms.exe (Marvell) C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (FontExplorer X) C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontExplorerX.exe (Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\spotify.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe () C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe () C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe () C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\7.0\dynamiclinkmanager.exe (Joyent, Inc) C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop-node.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\InDesign.exe () C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\Utilities\adb.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe () C:\Program Files (x86)\Revolver Office\Revolver Office.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Avira Operations GmbH & Co. 
KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor) HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2722080 2013-08-09] () HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [Spotify Web Helper] - C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-15] (Spotify Ltd) HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.) HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.) 
HKCU\...\Run: [FontExplorerX] - C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontExplorerX.exe [825656 2013-07-25] (FontExplorer X) HKCU\...\Run: [Spotify] - C:\Users\User\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-15] (Spotify Ltd) HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MSUTray] - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe [1202216 2011-11-25] () HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-09-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: 172.16.6.9:3128 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x81D5CF7D25ACCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - 
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Tcpip\Parameters: [DhcpNameServer] 172.21.10.5 172.21.10.3 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files 
(x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default\Extensions\firebug@software.joehewitt.com.xpi FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: 
"hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\pdf.dll () CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0 CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir 
Desktop\sched.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 fexservice; C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe [48952 2013-07-25] (FontExplorer X) R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.) R2 MSUWebService; C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe [24645 2011-11-22] (Apache Software Foundation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [1248544 2013-08-09] (NVIDIA Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [82800 2013-07-02] (X-Rite Inc.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-09-30] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-09-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. 
KG) R3 e1qexpress; C:\Windows\System32\DRIVERS\e1q60x64.sys [244736 2009-06-10] (Intel Corporation) S3 EyeOne; C:\Windows\System32\Drivers\i1_x64.sys [51600 2011-03-10] (Thesycon GmbH, Germany) R3 Mv_Process; c:\windows\syswow64\mv_process.sys [14376 2011-11-22] () R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) R3 ubohci; C:\Windows\System32\DRIVERS\ubohci.sys [114688 2007-10-04] (Unibrain S.A.) R2 ubsbm; C:\Windows\System32\DRIVERS\ubsbm.sys [23040 2007-08-03] (Unibrain S.A.) R2 ubumapi; C:\Windows\System32\DRIVERS\ubumapi.sys [78336 2007-08-03] (Unibrain S.A.) R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2013-07-10] (Nicomsoft Ltd.) R2 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [10240 2013-07-10] (Nicomsoft Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-13 13:06 - 2013-11-13 13:06 - 00018962 _____ C:\Users\User\Desktop\FRST.txt 2013-11-13 13:06 - 2013-11-13 13:06 - 00000000 ____D C:\FRST 2013-11-13 13:05 - 2013-11-13 13:05 - 01957610 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-11-13 13:03 - 2013-11-13 13:03 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe 2013-11-13 13:03 - 2013-11-13 13:03 - 00000478 _____ C:\Users\User\Downloads\defogger_disable.log 2013-11-13 13:03 - 2013-11-13 13:03 - 00000000 _____ C:\Users\User\defogger_reenable 2013-11-11 13:49 - 2013-11-11 13:49 - 06026369 _____ C:\Users\User\Downloads\jsn_solid_docs.zip 2013-11-11 13:38 - 2013-11-11 13:40 - 43475453 _____ C:\Users\User\Downloads\jsn_solid_pro_standard_j25_quickstart.zip 2013-11-11 13:22 - 2013-11-11 13:23 - 00333095 _____ C:\Users\User\Downloads\de-DE_joomla_lang_full_2.5.16v1.zip 2013-11-11 12:55 - 2013-11-11 12:56 - 26055071 _____ C:\Users\User\Downloads\jsn_solid_free_j25_quickstart.zip 2013-11-06 13:12 - 2013-11-06 13:13 - 00000000 ____D C:\Users\User\Documents\Any 
Video Converter 2013-11-06 13:12 - 2013-11-06 13:12 - 00001199 _____ C:\Users\User\Desktop\Any Video Converter.lnk 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter Professional 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AnvSoft 2013-11-06 13:11 - 2013-11-06 13:11 - 00000000 ____D C:\Program Files (x86)\AnvSoft 2013-11-06 13:09 - 2013-11-06 13:11 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\User\Downloads\avc-free-5.0.9.exe 2013-11-06 13:07 - 2013-11-06 13:08 - 06982971 _____ C:\Users\User\Desktop\stalltuning_deutsch.....webm 2013-11-06 13:03 - 2013-11-06 13:06 - 11529424 _____ C:\Users\User\Desktop\stalltuning_deutsch.mp4 2013-11-06 12:58 - 2013-11-06 12:59 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-11-06 12:50 - 2013-11-06 12:51 - 27454736 _____ (DVDVideoSoft Ltd. 
) C:\Users\User\Downloads\FreeWebMVideoConverter.exe 2013-11-06 12:50 - 2013-10-31 16:32 - 183573266 _____ C:\Users\User\Desktop\PAl_Stalltuning_deutsch.mp4 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\Public\Documents\Adobe 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc 2013-11-06 10:06 - 2013-11-06 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-05 08:20 - 2013-11-05 08:20 - 08095190 _____ C:\Users\User\Downloads\waxing beauty(1).zip 2013-11-04 15:29 - 2013-11-04 15:30 - 00000000 ____D C:\Users\User\Desktop\weh 2013-11-04 11:05 - 2013-11-04 11:05 - 00094985 _____ C:\Users\User\Downloads\Didact_Gothic.zip 2013-11-01 14:05 - 2013-11-01 11:27 - 00099514 _____ C:\Users\User\Downloads\sf_grandezza.zip 2013-11-01 12:51 - 2013-11-01 12:51 - 00091205 _____ C:\Users\User\Downloads\Friz Quadrata Regular Italic.ttf 2013-11-01 12:20 - 2013-11-01 12:20 - 00028993 _____ C:\Users\User\Downloads\blairmditc_tt_medium.zip 2013-11-01 11:48 - 2013-11-01 11:48 - 00014317 _____ C:\Users\User\Downloads\frquad.zip 2013-11-01 11:43 - 2013-11-01 11:43 - 00028542 _____ C:\Users\User\Downloads\Garogier.zip 2013-11-01 10:42 - 2013-11-01 10:42 - 01185346 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.eps 2013-11-01 10:37 - 2013-11-01 10:37 - 01342876 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.ai 2013-10-31 15:39 - 2013-10-31 15:39 - 00217172 _____ C:\Users\User\Downloads\Archivo_Narrow.zip 2013-10-31 14:48 - 2013-10-31 16:32 - 00000000 ____D C:\Users\User\Desktop\Pal_Lüftung_deutsch3 Ordner 2013-10-31 08:48 - 2013-11-06 13:09 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2013-10-31 08:48 - 2013-10-31 08:48 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-10-31 08:48 - 2013-10-31 08:48 - 00000000 ____D C:\Program Files\VideoLAN 2013-10-31 08:47 - 2013-10-31 
08:47 - 23280480 _____ C:\Users\User\Downloads\vlc-2.1.0-win64.exe 2013-10-30 13:24 - 2013-10-30 13:24 - 03238389 _____ C:\Users\User\Downloads\quickstartguide.pdf.zip 2013-10-30 13:24 - 2013-10-30 13:24 - 02239606 _____ C:\Users\User\Downloads\com_akeeba-3.8.2-core.zip 2013-10-30 13:24 - 2013-10-30 13:24 - 00043927 _____ C:\Users\User\Downloads\akeebabackup-de-DE-j25.zip 2013-10-30 13:21 - 2013-10-30 13:21 - 00351624 _____ C:\Users\User\Downloads\ipricecalc_light_unzip1st.zip 2013-10-30 13:19 - 2013-10-30 13:19 - 00005117 _____ C:\Users\User\Downloads\mod_days_converter_1383135569.zip 2013-10-30 12:55 - 2013-10-30 12:55 - 03490991 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4 Ordner.zip 2013-10-30 12:54 - 2013-10-30 12:54 - 00724992 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4.indd 2013-10-30 12:05 - 2013-10-30 12:05 - 00085878 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light.ttf 2013-10-30 12:03 - 2013-10-30 12:03 - 00059790 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light_oblique.ttf 2013-10-30 08:43 - 2013-10-30 08:43 - 04460353 _____ C:\Users\User\Downloads\a_few_red_heart_vector_152565.zip 2013-10-29 15:23 - 2013-10-30 08:26 - 00000000 ____D C:\Users\User\AppData\Local\Apple Computer 2013-10-29 13:29 - 2013-10-29 13:29 - 04801925 _____ C:\Users\User\Downloads\sun_kissed_photoshop_action_by_elestrial-d36odpj.zip 2013-10-29 13:27 - 2013-10-29 13:27 - 00001633 _____ C:\Users\User\Downloads\photoshop-action-Smooth skin.zip 2013-10-29 13:26 - 2013-10-29 13:26 - 00000795 _____ C:\Users\User\Downloads\action_056___TEETH_WHITENING___by_ModernActions.atn 2013-10-29 13:25 - 2013-10-29 13:24 - 00007968 _____ C:\Users\User\Downloads\ACTIONS_3D_by_JonasFan93.atn 2013-10-29 13:18 - 2013-10-29 13:18 - 00012644 _____ C:\Users\User\Downloads\RoTP-All-Presets.zip 2013-10-28 14:10 - 2013-10-28 14:10 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-28 14:10 - 2013-10-28 14:10 - 00000000 ____D C:\ProgramData\Oracle 
2013-10-28 14:10 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-28 14:10 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-28 14:10 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-28 14:10 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-25 08:30 - 2013-10-25 08:30 - 08095190 _____ C:\Users\User\Downloads\waxing beauty.zip 2013-10-25 08:29 - 2013-10-25 08:29 - 00012933 _____ C:\Users\User\Desktop\Labtop Wide.zip 2013-10-24 14:31 - 2013-10-24 14:31 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff(1).html 2013-10-23 09:15 - 2013-10-23 09:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\FileZilla 2013-10-23 09:14 - 2013-10-23 09:14 - 07241860 _____ C:\Users\W-Lan\Downloads\FileZilla_3.7.3_win32.zip 2013-10-22 14:46 - 2013-10-22 14:46 - 00018630 _____ C:\Users\User\Downloads\Strait.zip 2013-10-21 14:22 - 2013-10-21 14:23 - 00000132 _____ C:\Users\W-Lan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-10-21 14:20 - 2013-10-21 14:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\NVIDIA 2013-10-21 11:55 - 2013-10-21 11:55 - 00000000 ____D C:\Users\W-Lan\Desktop\RTL8188_8191_8192_SU_WindowsDriver_1086.48.0809.2011.F0049_12.P0406_UI_1.00.0187.L 2013-10-21 11:55 - 2011-08-11 12:46 - 00694376 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8192su.sys 2013-10-21 11:08 - 2013-10-21 11:10 - 88065608 _____ C:\Users\User\Downloads\Fotos_Original.rar 2013-10-21 08:35 - 2013-10-21 08:35 - 00037336 _____ C:\Users\User\Downloads\text-me-one.regular.ttf 2013-10-21 07:43 - 2013-10-21 07:43 - 00000881 _____ C:\Users\Public\Desktop\Mobilizer.lnk 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Users\User\AppData\Roaming\com.springbox.mobilizer 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Program Files (x86)\Mobilizer 
2013-10-21 07:42 - 2013-10-21 07:43 - 02761523 _____ C:\Users\User\Downloads\Mobilizer.air
2013-10-17 10:53 - 2013-10-17 10:56 - 00104028 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne_207.txt
2013-10-17 10:41 - 2013-10-17 10:52 - 00283848 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne.txt
2013-10-15 15:54 - 2013-10-15 15:54 - 01182530 _____ C:\Users\User\Downloads\exo.zip
2013-10-15 15:54 - 2013-10-15 15:54 - 00000000 ____D C:\Users\User\Downloads\exo
2013-10-15 14:00 - 2013-10-31 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-15 11:33 - 2013-10-15 11:33 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff.html
2013-10-14 15:32 - 2013-10-14 15:47 - 1663088084 _____ C:\Users\User\Desktop\France_2.avi
2013-10-14 14:52 - 2013-10-14 15:28 - 3307571434 _____ C:\Users\User\Desktop\France_1.avi
2013-10-14 13:49 - 2013-10-14 14:50 - 3496154838 _____ C:\Users\User\Desktop\France.avi
2013-10-14 13:10 - 2013-10-14 13:12 - 00393264 _____ C:\Users\User\Desktop\France_1.mov
2013-10-14 12:02 - 2013-10-14 12:05 - 04956424 _____ C:\Users\User\Desktop\Pal_Lüftung_Frankreich.aep
2013-10-14 11:33 - 2013-10-14 11:33 - 00024343 _____ C:\Users\User\Downloads\batch_search-n-replace_paths_v1.7.zip

==================== One Month Modified Files and Folders =======

2013-11-13 13:06 - 2013-11-13 13:06 - 00018962 _____ C:\Users\User\Desktop\FRST.txt
2013-11-13 13:06 - 2013-11-13 13:06 - 00000000 ____D C:\FRST
2013-11-13 13:06 - 2013-09-08 02:18 - 00000512 _____ C:\Windows\SysWOW64\za_mv_raid.ev
2013-11-13 13:06 - 2011-11-22 04:08 - 00067584 _____ C:\Windows\SysWOW64\freqdb.db
2013-11-13 13:05 - 2013-11-13 13:05 - 01957610 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-11-13 13:03 - 2013-11-13 13:03 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe
2013-11-13 13:03 - 2013-11-13 13:03 - 00000478 _____ C:\Users\User\Downloads\defogger_disable.log
2013-11-13 13:03 - 2013-11-13 13:03 - 00000000 _____ C:\Users\User\defogger_reenable
2013-11-13 13:03 - 2013-09-09 15:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2013-11-13 13:03 - 2013-09-08 00:50 - 00000000 ____D C:\Users\User
2013-11-13 12:59 - 2013-09-10 08:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-13 12:34 - 2013-09-08 14:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2013-11-13 12:20 - 2013-09-08 01:05 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 11:48 - 2013-09-12 09:05 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2013-11-13 08:37 - 2013-09-08 00:49 - 01166616 _____ C:\Windows\WindowsUpdate.log
2013-11-13 08:30 - 2013-09-08 01:00 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2013-11-13 08:28 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-13 08:28 - 2009-07-14 05:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-13 08:25 - 2011-04-12 08:43 - 00698514 _____ C:\Windows\system32\perfh007.dat
2013-11-13 08:25 - 2011-04-12 08:43 - 00148570 _____ C:\Windows\system32\perfc007.dat
2013-11-13 08:25 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-13 08:24 - 2013-09-11 13:19 - 00001454 ____H C:\Windows\Tasks\{DD8046B0-2077-4899-AFCD-A0D034E183D4}.job
2013-11-13 08:24 - 2013-09-08 14:52 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2013-11-13 08:24 - 2013-09-08 01:05 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 08:21 - 2013-09-08 02:18 - 00009828 _____ C:\Windows\SysWOW64\mvaccelerator.log
2013-11-13 08:20 - 2013-09-08 02:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-13 08:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-13 08:20 - 2009-07-14 05:51 - 00036459 _____ C:\Windows\setupact.log
2013-11-11 13:49 - 2013-11-11 13:49 - 06026369 _____ C:\Users\User\Downloads\jsn_solid_docs.zip
2013-11-11 13:40 - 2013-11-11 13:38 - 43475453 _____ C:\Users\User\Downloads\jsn_solid_pro_standard_j25_quickstart.zip
2013-11-11 13:33 - 2013-09-11 10:38 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-11 13:23 - 2013-11-11 13:22 - 00333095 _____ C:\Users\User\Downloads\de-DE_joomla_lang_full_2.5.16v1.zip
2013-11-11 12:56 - 2013-11-11 12:55 - 26055071 _____ C:\Users\User\Downloads\jsn_solid_free_j25_quickstart.zip
2013-11-07 08:26 - 2013-09-08 00:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 08:26 - 2010-11-21 04:47 - 00012698 _____ C:\Windows\PFRO.log
2013-11-06 13:13 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter
2013-11-06 13:12 - 2013-11-06 13:12 - 00001199 _____ C:\Users\User\Desktop\Any Video Converter.lnk
2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter Professional
2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AnvSoft
2013-11-06 13:11 - 2013-11-06 13:11 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2013-11-06 13:11 - 2013-11-06 13:09 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\User\Downloads\avc-free-5.0.9.exe
2013-11-06 13:09 - 2013-10-31 08:48 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2013-11-06 13:08 - 2013-11-06 13:07 - 06982971 _____ C:\Users\User\Desktop\stalltuning_deutsch.....webm
2013-11-06 13:06 - 2013-11-06 13:03 - 11529424 _____ C:\Users\User\Desktop\stalltuning_deutsch.mp4
2013-11-06 12:59 - 2013-11-06 12:58 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft
2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-11-06 12:51 - 2013-11-06 12:50 - 27454736 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeWebMVideoConverter.exe
2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\Public\Documents\Adobe
2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc
2013-11-06 10:06 - 2013-11-06 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 08:36 - 2009-07-14 05:45 - 05344528 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-05 10:55 - 2013-09-08 12:26 - 00099728 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-05 08:20 - 2013-11-05 08:20 - 08095190 _____ C:\Users\User\Downloads\waxing beauty(1).zip
2013-11-04 16:10 - 2013-09-26 10:10 - 00013246 _____ C:\Users\User\Desktop\ps1102.txt
2013-11-04 15:30 - 2013-11-04 15:29 - 00000000 ____D C:\Users\User\Desktop\weh
2013-11-04 15:30 - 2013-09-30 14:04 - 00001456 _____ C:\Users\User\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-04 11:05 - 2013-11-04 11:05 - 00094985 _____ C:\Users\User\Downloads\Didact_Gothic.zip
2013-11-01 12:51 - 2013-11-01 12:51 - 00091205 _____ C:\Users\User\Downloads\Friz Quadrata Regular Italic.ttf
2013-11-01 12:20 - 2013-11-01 12:20 - 00028993 _____ C:\Users\User\Downloads\blairmditc_tt_medium.zip
2013-11-01 11:48 - 2013-11-01 11:48 - 00014317 _____ C:\Users\User\Downloads\frquad.zip
2013-11-01 11:43 - 2013-11-01 11:43 - 00028542 _____ C:\Users\User\Downloads\Garogier.zip
2013-11-01 11:27 - 2013-11-01 14:05 - 00099514 _____ C:\Users\User\Downloads\sf_grandezza.zip
2013-11-01 10:42 - 2013-11-01 10:42 - 01185346 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.eps
2013-11-01 10:37 - 2013-11-01 10:37 - 01342876 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.ai
2013-10-31 16:32 - 2013-11-06 12:50 - 183573266 _____ C:\Users\User\Desktop\PAl_Stalltuning_deutsch.mp4
2013-10-31 16:32 - 2013-10-31 14:48 - 00000000 ____D C:\Users\User\Desktop\Pal_Lüftung_deutsch3 Ordner
2013-10-31 15:39 - 2013-10-31 15:39 - 00217172 _____ C:\Users\User\Downloads\Archivo_Narrow.zip
2013-10-31 08:48 - 2013-10-31 08:48 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-31 08:48 - 2013-10-31 08:48 - 00000000 ____D C:\Program Files\VideoLAN
2013-10-31 08:47 - 2013-10-31 08:47 - 23280480 _____ C:\Users\User\Downloads\vlc-2.1.0-win64.exe
2013-10-31 08:24 - 2013-10-15 14:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-30 13:24 - 2013-10-30 13:24 - 03238389 _____ C:\Users\User\Downloads\quickstartguide.pdf.zip
2013-10-30 13:24 - 2013-10-30 13:24 - 02239606 _____ C:\Users\User\Downloads\com_akeeba-3.8.2-core.zip
2013-10-30 13:24 - 2013-10-30 13:24 - 00043927 _____ C:\Users\User\Downloads\akeebabackup-de-DE-j25.zip
2013-10-30 13:21 - 2013-10-30 13:21 - 00351624 _____ C:\Users\User\Downloads\ipricecalc_light_unzip1st.zip
2013-10-30 13:19 - 2013-10-30 13:19 - 00005117 _____ C:\Users\User\Downloads\mod_days_converter_1383135569.zip
2013-10-30 12:55 - 2013-10-30 12:55 - 03490991 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4 Ordner.zip
2013-10-30 12:54 - 2013-10-30 12:54 - 00724992 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4.indd
2013-10-30 12:05 - 2013-10-30 12:05 - 00085878 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light.ttf
2013-10-30 12:03 - 2013-10-30 12:03 - 00059790 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light_oblique.ttf
2013-10-30 12:02 - 2013-09-12 12:35 - 00000000 ___RD C:\Users\User\Virtual Machines
2013-10-30 10:59 - 2013-10-10 10:56 - 00000000 ____D C:\Users\User\Desktop\Bildbe_KuW
2013-10-30 08:43 - 2013-10-30 08:43 - 04460353 _____ C:\Users\User\Downloads\a_few_red_heart_vector_152565.zip
2013-10-30 08:26 - 2013-10-29 15:23 - 00000000 ____D C:\Users\User\AppData\Local\Apple Computer
2013-10-29 15:30 - 2013-09-08 21:07 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-29 13:29 - 2013-10-29 13:29 - 04801925 _____ C:\Users\User\Downloads\sun_kissed_photoshop_action_by_elestrial-d36odpj.zip
2013-10-29 13:27 - 2013-10-29 13:27 - 00001633 _____ C:\Users\User\Downloads\photoshop-action-Smooth skin.zip
2013-10-29 13:26 - 2013-10-29 13:26 - 00000795 _____ C:\Users\User\Downloads\action_056___TEETH_WHITENING___by_ModernActions.atn
2013-10-29 13:24 - 2013-10-29 13:25 - 00007968 _____ C:\Users\User\Downloads\ACTIONS_3D_by_JonasFan93.atn
2013-10-29 13:18 - 2013-10-29 13:18 - 00012644 _____ C:\Users\User\Downloads\RoTP-All-Presets.zip
2013-10-28 14:10 - 2013-10-28 14:10 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-28 14:10 - 2013-10-28 14:10 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 14:10 - 2013-09-08 21:37 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-25 08:30 - 2013-10-25 08:30 - 08095190 _____ C:\Users\User\Downloads\waxing beauty.zip
2013-10-25 08:29 - 2013-10-25 08:29 - 00012933 _____ C:\Users\User\Desktop\Labtop Wide.zip
2013-10-24 14:31 - 2013-10-24 14:31 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff(1).html
2013-10-23 09:43 - 2013-10-09 08:22 - 00000000 ____D C:\Users\W-Lan\AppData\Local\Adobe
2013-10-23 09:20 - 2013-10-23 09:15 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\FileZilla
2013-10-23 09:14 - 2013-10-23 09:14 - 07241860 _____ C:\Users\W-Lan\Downloads\FileZilla_3.7.3_win32.zip
2013-10-23 09:14 - 2013-10-09 08:22 - 00091312 _____ C:\Users\W-Lan\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-22 14:46 - 2013-10-22 14:46 - 00018630 _____ C:\Users\User\Downloads\Strait.zip
2013-10-22 14:42 - 2013-09-27 10:40 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2013-10-21 14:26 - 2013-10-09 08:22 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\Adobe
2013-10-21 14:23 - 2013-10-21 14:22 - 00000132 _____ C:\Users\W-Lan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-10-21 14:20 - 2013-10-21 14:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\NVIDIA
2013-10-21 12:00 - 2013-09-10 08:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-21 12:00 - 2013-09-10 08:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-21 12:00 - 2013-09-10 08:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-21 11:55 - 2013-10-21 11:55 - 00000000 ____D C:\Users\W-Lan\Desktop\RTL8188_8191_8192_SU_WindowsDriver_1086.48.0809.2011.F0049_12.P0406_UI_1.00.0187.L
2013-10-21 11:10 - 2013-10-21 11:08 - 88065608 _____ C:\Users\User\Downloads\Fotos_Original.rar
2013-10-21 08:35 - 2013-10-21 08:35 - 00037336 _____ C:\Users\User\Downloads\text-me-one.regular.ttf
2013-10-21 07:43 - 2013-10-21 07:43 - 00000881 _____ C:\Users\Public\Desktop\Mobilizer.lnk
2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Users\User\AppData\Roaming\com.springbox.mobilizer
2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Program Files (x86)\Mobilizer
2013-10-21 07:43 - 2013-10-21 07:42 - 02761523 _____ C:\Users\User\Downloads\Mobilizer.air
2013-10-17 10:56 - 2013-10-17 10:53 - 00104028 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne_207.txt
2013-10-17 10:52 - 2013-10-17 10:41 - 00283848 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne.txt
2013-10-16 16:15 - 2013-09-08 01:05 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-16 16:15 - 2013-09-08 01:05 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-16 07:00 - 2013-09-11 13:19 - 00000388 _____ C:\Windows\Tasks\X-Rite Device Services Software Updater.job
2013-10-15 15:54 - 2013-10-15 15:54 - 01182530 _____ C:\Users\User\Downloads\exo.zip
2013-10-15 15:54 - 2013-10-15 15:54 - 00000000 ____D C:\Users\User\Downloads\exo
2013-10-15 11:33 - 2013-10-15 11:33 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff.html
2013-10-14 15:47 - 2013-10-14 15:32 - 1663088084 _____ C:\Users\User\Desktop\France_2.avi
2013-10-14 15:28 - 2013-10-14 14:52 - 3307571434 _____ C:\Users\User\Desktop\France_1.avi
2013-10-14 14:50 - 2013-10-14 13:49 - 3496154838 _____ C:\Users\User\Desktop\France.avi
2013-10-14 13:58 - 2013-09-08 01:05 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2013-10-14 13:12 - 2013-10-14 13:10 - 00393264 _____ C:\Users\User\Desktop\France_1.mov
2013-10-14 12:28 - 2013-09-10 09:53 - 00000000 ____D C:\ProgramData\VideoCopilot
2013-10-14 12:05 - 2013-10-14 12:02 - 04956424 _____ C:\Users\User\Desktop\Pal_Lüftung_Frankreich.aep
2013-10-14 11:33 - 2013-10-14 11:33 - 00024343 _____ C:\Users\User\Downloads\batch_search-n-replace_paths_v1.7.zip
2013-10-14 10:50 - 2013-09-12 11:57 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-10-14 07:27 - 2013-09-09 09:00 - 00000000 ____D C:\Users\User\AppData\Local\Thunderbird

Files to move or delete:
====================
C:\Windows\Tasks\{DD8046B0-2077-4899-AFCD-A0D034E183D4}.job

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\User\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\Process.exe
C:\Users\User\AppData\Local\Temp\res1.tmp.exe
C:\Users\User\AppData\Local\Temp\twi1.tmp.exe
C:\Users\W-Lan\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-11 12:50

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2013
Ran by User at 2013-11-13 13:09:05
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Adobe Acrobat XI Pro (x32 Version: 11.0)
Adobe Acrobat XI Pro (x32 Version: 11.0.05)
Adobe After Effects CC (x32 Version: 12)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Audition CC (x32 Version: 6.0)
Adobe Bridge CC (64 Bit) (x32 Version: 6.0)
Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Dreamweaver CC (x32 Version: 13)
Adobe Edge Animate CC (x32 Version: 2.0.1)
Adobe Edge Code CC (x32 Version: 0.95)
Adobe Edge Inspect CC (x32 Version: 1.0.408)
Adobe Edge Reflow CC Preview (Version: 0.30.13098)
Adobe Exchange Panel (x32 Version: 1)
Adobe ExtendScript Toolkit CC (x32 Version: 4.0.0.0)
Adobe Extension Manager CC (x32 Version: 7.1)
Adobe Fireworks CS6 (x32 Version: 12.0.1)
Adobe Flash Builder 4.7 (64 Bit) (x32 Version: 4.7)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Professional CC (x32 Version: 13.0)
Adobe Gaming SDK 1.2 (x32 Version: 1.2)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CC (x32 Version: 17.0)
Adobe InCopy CC (x32 Version: 9.0)
Adobe InDesign CC (x32 Version: 9.0)
Adobe Muse (x32 Version: 6.0)
Adobe Muse (x32 Version: 6.0.751)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Photoshop Lightroom 5 64-bit (Version: 5.0.1)
Adobe Prelude CC (x32 Version: 2.0.0)
Adobe Premiere Pro CC (x32 Version: 7.0.1)
Adobe Scout CC (Version: 1.1.1.354079)
Adobe SpeedGrade CC (x32 Version: 7.0.0)
Adobe Touch App Plugins (x32 Version: 1.0)
Adobe® Content Viewer (x32 Version: 3.2.0)
Any Video Converter 5.0.9 (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.16.2.0)
ASUS Network Utility (x32 Version: 2.7)
Avira Free Antivirus (x32 Version: 14.0.0.383)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Dropbox (HKCU Version: 2.0.26)
FontExplorer X Pro 2.4.1 (x32 Version: 002.004.0973)
Free WebM Video Converter version 5.0.29.925 (x32 Version: 5.0.29.925)
Google Chrome (x32 Version: 31.0.1650.48)
Google Update Helper (x32 Version: 1.3.21.165)
i1Profiler (x32 Version: 1.5.0)
iCloud (Version: 2.1.2.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
KONICA MINOLTA C360Series
LibreOffice 4.1.1.2 (x32 Version: 4.1.1.2)
Lightroom 5.0 (x32 Version: 5.0)
marvell 91xx driver (x32 Version: 1.2.0.1019)
Marvell Storage Utility V4 (x32 Version: 4.1.0.2003)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Image Composite Editor (Version: 1.4.4)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobilizer (x32 Version: 0.9.6)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
Mozilla Thunderbird 24.1.0 (x86 de) (x32 Version: 24.1.0)
MysticThumbs (Version: 1.9.8)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.78 (Version: 320.78)
NVIDIA Grafiktreiber 320.78 (Version: 320.78)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA nView 140.62 (Version: 140.62)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2078)
NVIDIA Systemsteuerung 320.78 (Version: 320.78)
NVIDIA WMI 2.12.0 (Version: 2.12.0)
Pantone Color Manager 1.0.2 (x32)
PDF Settings CC (x32 Version: 12.0)
ph (x32 Version: 1.0.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6680)
Revolver Office 8.4.6 (x32)
Scribus 1.4.3 (x32 Version: 1.4.3)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
System Requirements Lab for Intel (x32 Version: 4.5.15.0)
TeamViewer 8 (x32 Version: 8.0.22298)
ubCoreFlat64 5.21 (Version: 5.21)
ubCoreFlat64 5.21 (x32 Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC_CRT_x64 (Version: 1.02.0000)
VLC media player 2.1.0 (Version: 2.1.0)
Wacom Tablett (Version: 6.3.6-3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Win7_x64 (x32 Version: 0.96.06)
Windows Driver Package - ASPEED (ASTGraphics) Display (09/05/2012 8.00.10.0096) (Version: 09/05/2012 8.00.10.0096)
Windows XP Mode (Version: 1.3.7600.16422)
XRD i1d3 (x32 Version: 1.0.135)
X-Rite Device Services Manager (x32 Version: 2.3.75)

==================== Restore Points =========================

04-11-2013 07:32:48 Windows-Sicherung
11-11-2013 07:37:10 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {157800F6-F221-45B4-B214-83276DD54A21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-08] (Google Inc.)
Task: {34EF5749-0412-443B-8EA3-A9C1D5CD2C0B} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2013-07-02] (X-Rite Inc.)
Task: {48366A9B-9EFA-4E7C-9EA0-DDA33048B225} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-Tim => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {48543F19-65BF-441E-8CBD-ED2FF37B4746} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-W-Lan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {7B6E0AC1-725E-45AE-AA05-3FC8C0F7EF4D} - System32\Tasks\{DD8046B0-2077-4899-AFCD-A0D034E183D4} => C:\Users\User\AppData\Local\Temp\is-EC2PL.tmp\XRD Manager.exe
Task: {7E4C7343-8938-4CBD-96D1-1E7206AE66C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D030CB6F-E742-4249-9105-6E15C9FD3B92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-08] (Google Inc.)
Task: {F75B3947-3B0E-4BCB-A066-59EAAB584804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-21] (Adobe Systems Incorporated)
Task: {F78C8A67-1955-47CC-9BEF-10CA019810FB} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
Task: C:\Windows\Tasks\{DD8046B0-2077-4899-AFCD-A0D034E183D4}.job => C:\Users\User\AppData\Local\Temp\is-EC2PL.tmp\XRD Manager.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2013-04-05 11:58 - 2013-04-05 11:58 - 00021320 _____ () C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsPS64.dll
2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2013-10-02 09:41 - 2013-06-06 03:09 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-04-24 13:05 - 2013-07-31 16:33 - 00082848 _____ () C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\ASLSupport.dll
2013-04-24 13:05 - 2013-04-24 13:05 - 00216992 _____ () C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\ASKLib.dll
2013-04-24 13:05 - 2013-07-31 16:33 - 00229792 _____ () C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\AdamLib.dll
2013-04-24 13:05 - 2013-04-24 13:05 - 00082336 _____ () C:\Program Files\Adobe\Adobe InDesign CC (64 bit)\unihan.dll
2013-10-08 12:11 - 2013-09-30 10:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-11-22 03:48 - 2011-11-22 03:48 - 00073782 _____ () C:\Program Files (x86)\Marvell\storage\Apache2\bin\zlib1.dll
2013-06-21 12:29 - 2013-06-21 12:29 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 12:29 - 2013-06-21 12:29 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-25 11:53 - 2013-07-25 11:53 - 00055608 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\Infrastructure.Library.XmlSerializers.dll
2013-07-03 13:41 - 2013-07-03 13:41 - 00163840 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\DevelopDotNet.Compression.dll
2013-07-25 11:51 - 2013-07-25 11:51 - 00023864 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\LicenseAPI.dll
2013-07-25 11:51 - 2013-07-25 11:51 - 00315192 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\libxmlsec.dll
2013-07-25 11:51 - 2013-07-25 11:51 - 00956216 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\libxml2.dll
2013-07-25 11:51 - 2013-07-25 11:51 - 00143160 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\libxmlsec-mscrypto.dll
2013-07-03 13:40 - 2013-07-03 13:40 - 00032768 _____ () C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\ZeroconfService.dll
2013-09-08 14:52 - 2013-10-15 07:19 - 34604032 _____ () C:\Users\User\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-11 12:05 - 2013-05-30 23:57 - 44388864 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\Prism.dll
2013-09-11 12:05 - 2013-05-31 10:58 - 03449344 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\CxF2_VC90MD_2.1.dll
2013-09-11 12:05 - 2013-05-31 10:58 - 00898560 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\libxml2.dll
2013-09-11 12:05 - 2013-05-31 10:58 - 00073728 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\zlib1.dll
2013-09-11 12:05 - 2013-05-31 10:58 - 07982592 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtGui4.dll
2013-09-11 12:05 - 2013-05-31 10:58 - 02147328 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtCore4.dll
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-03-13 12:42 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-09-25 07:28 - 2013-10-15 07:19 - 00747008 _____ () C:\Users\User\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-25 07:28 - 2013-10-15 07:19 - 00137216 _____ () C:\Users\User\AppData\Roaming\Spotify\Data\libegl.dll
2013-10-15 14:00 - 2013-10-31 08:24 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-15 14:00 - 2013-10-31 08:24 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-15 14:00 - 2013-10-31 08:24 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00139264 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\Appearance Pak.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00098304 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\Browser Plugin.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00073728 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\Internet Encodings.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00098304 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MD5.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00151552 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\RegEx.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00098304 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\Shell.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 01364599 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\SSLSocket.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00405504 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\XML.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00059904 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHTypes6201.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00090112 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHCalCtrl5121.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00016384 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHBase6410101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00025088 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHMacBinary10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00055296 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHZComp10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00043008 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHEncrypt10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00030720 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHBlowf10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00043008 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHSha210101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00069120 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHZStream10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00048640 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHAES10101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00223744 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHPng4101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00043520 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSABAddressbookPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00031232 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSNSBasePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00030720 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSNSImagePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00028160 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSNSAttributedStringPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00034816 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSNSColorPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00050176 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSNotificationPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00035328 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCalendarStorePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00041984 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSPictureMacPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00026624 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSAppleScriptPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00031744 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSMacOSXPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00024576 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSScreenshotWindowPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00046080 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00031744 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGGeometryPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00027136 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGImagePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00054784 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCFPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00033792 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGPDFPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00027648 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGColorPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00025600 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCGDataProviderPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00039936 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSRegistrationPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00120832 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSPicturePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00058880 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSPictureRotatePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00035840 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSScreenshotPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00065536 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSStringPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00030720 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSMathPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00037376 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSWinTransPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00033792 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSFolderitemsPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00033792 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSMemoryPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00056832 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSMainPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00038400 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSDateDifferencePlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00045056 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSProcessPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00029184 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSWindowPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00040960 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSCallsPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00047616 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSSystemInformationPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00052736 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSInternationalWinPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00055808 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\MBSWinPlugin16724.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00084992 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHEffects7511.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00065024 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHEffects37511.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00258048 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\PostgreSQLPlugin.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00024064 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHBitFuncs6111.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00056320 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHTLEncryption6201.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00056832 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHTLStreams6201.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00063488 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHGFShared4101.dll
2013-09-11 13:36 - 2012-02-17 12:44 - 00056320 _____ () C:\Program Files (x86)\Revolver Office\Revolver Office Libs\EHPEInterfaces7511.dll
2013-11-06 10:06 - 2013-11-06 10:06 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-21 12:00 - 2013-10-21 12:00 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
2013-10-08 12:11 - 2013-09-30 10:01 - 00394824 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\User\Cookies:ges181AAR3hR86n207OKu3vd8dKk
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:3I8JVgasKJCLge6Oo1agABTLfjm0S

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: 802.11n/b/g 2cm Wireless LAN USB2.0 Adapter
Description: 802.11n/b/g 2cm Wireless LAN USB2.0 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AboCom System, Inc.
Service: RTL8192su
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SAS-Controller
Description: SAS-Controller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================= Application errors: ================== Error: (11/13/2013 11:53:27 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/13/2013 10:20:02 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/13/2013 08:22:18 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/13/2013 08:20:49 AM) (Source: Apache Service) (User: ) Description: The Apache service named reported the following error: >>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.0.201 for ServerName . Error: (11/12/2013 11:15:58 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (11/12/2013 11:08:01 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/12/2013 10:56:46 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/12/2013 10:14:23 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/12/2013 09:29:01 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/12/2013 09:28:58 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (11/11/2013 08:27:00 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 08.11.2013 um 14:27:43 unerwartet heruntergefahren. Error: (10/23/2013 09:13:44 AM) (Source: Tcpip) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.104 mit dem Computer mit der Netzwerkhardwareadresse 68-A8-6D-22-B7-A2 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error: (10/07/2013 00:18:04 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Realtek11nSU" ist als interaktiver Dienst gekennzeichnet. 
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (09/11/2013 00:06:17 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WinI2C-DDC Kernel Mode Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/11/2013 00:06:17 PM) (Source: Application Popup) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\DDCDrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/08/2013 02:32:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16405 Error: (09/08/2013 02:03:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "avast! Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/08/2013 02:03:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "avast! Antivirus" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (09/08/2013 02:03:24 PM) (Source: Service Control Manager) (User: ) Description: Dienst "MSU Web Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/08/2013 02:03:24 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Marvell Storage Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (11/13/2013 11:53:27 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe Error: (11/13/2013 10:20:02 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\Adobe\adobe dreamweaver cc\Dreamweaver.exe Error: (11/13/2013 08:22:18 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/13/2013 08:20:49 AM) (Source: Apache Service)(User: ) Description: The Apache service namedreported the following error: >>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.0.201 for ServerName Error: (11/12/2013 11:15:58 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe Error: (11/12/2013 11:08:01 AM) (Source: SideBySide)(User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe Error: (11/12/2013 10:56:46 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe Error: (11/12/2013 10:14:23 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\Adobe\adobe dreamweaver cc\Dreamweaver.exe Error: (11/12/2013 09:29:01 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe Error: (11/12/2013 09:28:58 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe CodeIntegrity Errors: =================================== Date: 2013-11-13 
08:20:51.890 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-12 08:59:59.449 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-12 08:49:02.503 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-12 08:20:22.360 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-11 10:29:28.441 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-11 09:11:11.244 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-11 08:27:05.642 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-08 09:28:06.378 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-11-08 09:22:01.751 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-11-07 13:16:47.134 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 65485.7 MB Available physical RAM: 57318.32 MB Total Pagefile: 130969.57 MB Available Pagefile: 121277.06 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:476.84 GB) (Free:215.85 GB) NTFS Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1829.83 GB) NTFS Drive e: (Volume) (Fixed) (Total:1862.82 GB) (Free:1527.97 GB) NTFS Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1714.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 477 GB) (Disk ID: 3A0DEAA5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=477 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 69A21ED7) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT Partition Type ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D8A12FFF) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-11-13 13:35:18 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP10T0L0-a OCZ-VERTEX4 rev.1.5 476,94GB Running: gmer_2.1.19163.exe; Driver: C:\Users\User\AppData\Local\Temp\uwldqkow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe[2428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe[2428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe[2792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe[2792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... 
* 2 .text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[4056] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[4056] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe[2584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[4108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[4108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe[3928] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe[3928] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe[3904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe[3904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... 
* 2 .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[4492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[4492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6812] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760b1465 2 bytes [0B, 76] .text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6812] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760b14bb 2 bytes [0B, 76] .text ... * 2 ? C:\Windows\system32\mssprxy.dll [3680] entry point in ".rdata" section 00000000726171e6 ---- EOF - GMER 2.1 ---- |
13.11.2013, 14:37 | #2 |
/// the machine /// TB-Ausbilder | JS/BlacoleRef.DD.38 in Firefox Cache Win 7 hi,
Scan with Combofix |
13.11.2013, 15:13 | #3 |
| JS/BlacoleRef.DD.38 in Firefox Cache Win 7 Thanks. What happened after ComboFix and the restart:
1. Enabled AntiVir; it showed a message: "Registry blockiert" (no further information).
2. My internet connection runs through a proxy; it was removed and I had to set it up again.
3. Firefox is no longer my default browser?! But neither IE nor Chrome is the default either. No other browsers are installed.
EDIT: Just noticed that I forgot Windows Defender. Should I run it again? Here is the file: Code:
ATTFilter ComboFix 13-11-12.01 - User 13.11.2013 14:52:35.1.24 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.65487.60276 [GMT 1:00] ausgeführt von:: c:\users\User\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\FlashPlayerApp.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-10-13 bis 2013-11-13 )))))))))))))))))))))))))))))) . . 2013-11-13 13:57 . 2013-11-13 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-13 13:57 . 2013-11-13 13:57 -------- d-----w- c:\users\W-Lan\AppData\Local\temp 2013-11-13 12:06 . 2013-11-13 12:06 -------- d-----w- C:\FRST 2013-11-06 12:12 . 2013-11-06 12:12 -------- d-----w- c:\users\User\AppData\Roaming\AnvSoft 2013-11-06 12:11 . 2013-11-06 12:11 -------- d-----w- c:\program files (x86)\AnvSoft 2013-11-06 11:58 . 2013-11-06 11:59 -------- d-----w- c:\users\User\AppData\Roaming\DVDVideoSoft 2013-11-06 11:58 . 2013-11-06 11:58 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2013-11-06 11:58 . 2013-11-06 11:58 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2013-11-06 11:52 . 2013-11-06 11:52 -------- d-----w- c:\users\User\AppData\Local\Programs 2013-11-06 10:14 . 2013-11-06 10:14 -------- d-----w- c:\users\User\AppData\Roaming\chc 2013-10-31 07:48 . 2013-11-06 12:09 -------- d-----w- c:\users\User\AppData\Roaming\vlc 2013-10-31 07:48 . 2013-10-31 07:48 -------- d-----w- c:\program files\VideoLAN 2013-10-29 14:23 . 2013-10-30 07:26 -------- d-----w- c:\users\User\AppData\Local\Apple Computer 2013-10-28 13:10 . 2013-10-28 13:10 -------- d-----w- c:\programdata\Oracle 2013-10-28 13:10 . 
2013-10-28 13:10 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-10-28 13:10 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-10-23 08:15 . 2013-10-23 08:20 -------- d-----w- c:\users\W-Lan\AppData\Roaming\FileZilla 2013-10-21 13:20 . 2013-10-21 13:20 -------- d-----w- c:\users\W-Lan\AppData\Roaming\NVIDIA 2013-10-21 10:55 . 2011-08-11 11:46 694376 ----a-w- c:\windows\system32\drivers\RTL8192su.sys 2013-10-21 06:43 . 2013-10-21 06:43 -------- d-----w- c:\users\User\AppData\Roaming\com.springbox.mobilizer 2013-10-21 06:43 . 2013-10-21 06:43 -------- d-----w- c:\program files (x86)\Mobilizer 2013-10-15 13:00 . 2013-10-31 07:24 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-21 11:00 . 2013-09-10 07:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-30 09:01 . 2013-10-08 11:11 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-09-30 09:01 . 2013-10-08 11:11 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-09-30 09:01 . 2013-10-08 11:11 132600 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-09-30 09:01 . 2013-10-08 11:11 105856 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-09-13 11:07 . 2009-10-01 12:08 15360 ----a-w- c:\windows\system32\KOAZ8J_L.DLL 2013-09-11 11:22 . 2013-09-08 12:28 79143768 ----a-w- c:\windows\system32\MRT.exe 2013-09-09 01:21 . 2013-09-09 01:21 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-09-09 01:21 . 2013-09-09 01:21 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-09-09 01:21 . 2013-09-09 01:21 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-09-09 01:21 . 2013-09-09 01:21 81408 ----a-w- c:\windows\system32\icardie.dll 2013-09-09 01:21 . 2013-09-09 01:21 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-09-09 01:21 . 
2013-09-09 01:21 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-09-09 01:21 . 2013-09-09 01:21 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-09-09 01:21 . 2013-09-09 01:21 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-09-09 01:21 . 2013-09-09 01:21 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-09-09 01:21 . 2013-09-09 01:21 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-09-09 01:21 . 2013-09-09 01:21 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-09-09 01:21 . 2013-09-09 01:21 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-09-09 01:21 . 2013-09-09 01:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-09-09 01:21 . 2013-09-09 01:21 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-09-09 01:21 . 2013-09-09 01:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-09-09 01:21 . 2013-09-09 01:21 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-09-09 01:21 . 2013-09-09 01:21 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-09-09 01:21 . 2013-09-09 01:21 441856 ----a-w- c:\windows\system32\html.iec 2013-09-09 01:21 . 2013-09-09 01:21 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-09-09 01:21 . 2013-09-09 01:21 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-09-09 01:21 . 2013-09-09 01:21 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-09-09 01:21 . 2013-09-09 01:21 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-09-09 01:21 . 2013-09-09 01:21 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-09-09 01:21 . 2013-09-09 01:21 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-09-09 01:21 . 2013-09-09 01:21 235008 ----a-w- c:\windows\system32\url.dll 2013-09-09 01:21 . 2013-09-09 01:21 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-09-09 01:21 . 2013-09-09 01:21 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-09-09 01:21 . 2013-09-09 01:21 216064 ----a-w- c:\windows\system32\msls31.dll 2013-09-09 01:21 . 
2013-09-09 01:21 197120 ----a-w- c:\windows\system32\msrating.dll 2013-09-09 01:21 . 2013-09-09 01:21 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-09-09 01:21 . 2013-09-09 01:21 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-09-09 01:21 . 2013-09-09 01:21 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-09-09 01:21 . 2013-09-09 01:21 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-09-09 01:21 . 2013-09-09 01:21 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-09-09 01:21 . 2013-09-09 01:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-09-09 01:21 . 2013-09-09 01:21 149504 ----a-w- c:\windows\system32\occache.dll 2013-09-09 01:21 . 2013-09-09 01:21 144896 ----a-w- c:\windows\system32\wextract.exe 2013-09-09 01:21 . 2013-09-09 01:21 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-09-09 01:21 . 2013-09-09 01:21 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-09-09 01:21 . 2013-09-09 01:21 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-09-09 01:21 . 2013-09-09 01:21 13824 ----a-w- c:\windows\system32\mshta.exe 2013-09-09 01:21 . 2013-09-09 01:21 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-09-09 01:21 . 2013-09-09 01:21 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-09-09 01:21 . 2013-09-09 01:21 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-09-09 01:21 . 2013-09-09 01:21 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-09-09 01:21 . 2013-09-09 01:21 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-09-09 01:21 . 2013-09-09 01:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-09-09 01:21 . 2013-09-09 01:21 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-09-09 01:21 . 2013-09-09 01:21 102912 ----a-w- c:\windows\system32\inseng.dll 2013-08-30 07:47 . 2013-09-08 00:05 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-08-19 22:46 . 
2013-09-11 11:21 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{753D3107-351D-4CB1-8F67-66F1A2918A1D}\mpengine.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-10-15 1140736] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-04-05 59720] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-04-05 59720] "FontExplorerX"="c:\program files (x86)\FontExplorer X\FontExplorer X Pro\FontExplorerX.exe" [2013-07-25 825656] "Spotify"="c:\users\User\AppData\Roaming\Spotify\spotify.exe" [2013-10-15 4752384] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328] "MSUTray"="c:\program files (x86)\Marvell\storage\tray\MarvellTray.exe" [2011-11-25 1202216] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2013-09-05 3478392] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-30 681032] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ i1Profiler Tray.lnk - c:\program files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe [2013-9-11 2519552] XRGamma.lnk - c:\program files (x86)\X-Rite\i1Profiler\XRGamma.exe [2013-9-11 802816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 EyeOne;EyeOne;c:\windows\system32\Drivers\i1_x64.sys;c:\windows\SYSNATIVE\Drivers\i1_x64.sys [x] R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x] R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 AntiVirWebService;Avira 
Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys;c:\windows\SYSNATIVE\DRIVERS\mv91cons.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x] S2 fexservice;FontExplorer X Pro.FontManagementService;c:\program files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe;c:\program files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe [x] S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x] S2 Marvell Storage Management;Marvell Storage Management Service;c:\program files (x86)\Marvell\storage\svc\mvraidsvc.exe;c:\program files (x86)\Marvell\storage\svc\mvraidsvc.exe [x] S2 MSUWebService;MSU Web Service;c:\program files (x86)\Marvell\storage\Apache2\bin\httpd.exe;c:\program files (x86)\Marvell\storage\Apache2\bin\httpd.exe [x] S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files 
(x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\DRIVERS\ubsbm.sys;c:\windows\SYSNATIVE\DRIVERS\ubsbm.sys [x] S2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\DRIVERS\ubumapi.sys;c:\windows\SYSNATIVE\DRIVERS\ubumapi.sys [x] S2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x] S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x] S2 xrdd.exe;X-Rite Device Services Manager;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 Mv_Process;Marvell process notification.;c:\windows\syswow64\mv_process.sys;c:\windows\syswow64\mv_process.sys [x] S3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\DRIVERS\ubohci.sys;c:\windows\SYSNATIVE\DRIVERS\ubohci.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-11-13 08:21 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.48\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 11:00] . 2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-08 00:05] . 2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-08 00:05] . 
2013-10-16 c:\windows\Tasks\X-Rite Device Services Software Updater.job - c:\program files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2013-07-02 08:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-07-09 6549136] "RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-07-10 1214608] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-08-09 2722080] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyServer = 172.16.6.9:3128 uInternet Settings,ProxyOverride = *.local;<local> IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html TCP: DhcpNameServer = 172.21.10.5 172.21.10.3 FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default\ FF - ExtSQL: 2013-09-16 14:03; firebug@software.joehewitt.com; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default\extensions\firebug@software.joehewitt.com.xpi . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-11-13 14:59:13 ComboFix-quarantined-files.txt 2013-11-13 13:59 . Vor Suchlauf: 9 Verzeichnis(se), 253.703.213.056 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 258.994.720.768 Bytes frei . - - End Of File - - 41B7F76BBC3491280398CAC0F65A2D24 A36C5E4F47E84449FF07ED3517B43A31 |
14.11.2013, 09:05 | #4 |
/// the machine /// TB-Ausbilder | JS/BlacoleRef.DD.38 in Firefox Cache Win 7
No, that's fine.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
14.11.2013, 09:59 | #5 |
| JS/BlacoleRef.DD.38 in Firefox Cache Win 7 OK, here we go: mbam Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
User :: User-PC [Administrator]

14.11.2013 09:34:28
mbam-log-2013-11-14 (09-34-28).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233564
Laufzeit: 2 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\User\Downloads\FreeWebMVideoConverter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
# AdwCleaner v3.012 - Bericht erstellt am 14/11/2013 um 09:41:32
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : User - User-PC
# Gestartet von : C:\Users\User\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v25.0 (de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default\prefs.js ]

-\\ Google Chrome v31.0.1650.48

[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\W-Lan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1024 octets] - [14/11/2013 09:40:35]
AdwCleaner[S0].txt - [947 octets] - [14/11/2013 09:41:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1006 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by User on 14.11.2013 at 9:48:03,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\bvwq14qf.default\minidumps [4 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.11.2013 at 9:52:25,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013 Ran by User (administrator) on User-PC on 14-11-2013 09:56:56 Running from C:\Users\User\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (FontExplorer X) C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe (SafeNet Inc.) C:\Windows\system32\hasplms.exe (Marvell) C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (Apache Software Foundation) C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe () C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe () C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor) HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2722080 2013-08-09] () HKCU\...\Run: [Spotify Web Helper] - C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-15] (Spotify Ltd) HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.) HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.) 
HKCU\...\Run: [FontExplorerX] - C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontExplorerX.exe [825656 2013-07-25] (FontExplorer X) HKCU\...\Run: [Spotify] - C:\Users\User\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-15] (Spotify Ltd) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MSUTray] - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe [1202216 2011-11-25] () HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-09-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== ProxyServer: 172.16.6.9:3128 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x81D5CF7D25ACCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems 
Incorporated) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bvwq14qf.default\Extensions\firebug@software.joehewitt.com.xpi FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn Chrome: ======= CHR 
HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com/" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\pdf.dll () CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0 CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx ==================== Services (Whitelisted) ================= R2 
AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) R2 fexservice; C:\Program Files (x86)\FontExplorer X\FontExplorer X Pro\FontManagementServices.exe [48952 2013-07-25] (FontExplorer X) R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.) R2 MSUWebService; C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe [24645 2011-11-22] (Apache Software Foundation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [1248544 2013-08-09] (NVIDIA Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [82800 2013-07-02] (X-Rite Inc.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-09-30] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-09-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. 
KG) S3 e1qexpress; C:\Windows\System32\DRIVERS\e1q60x64.sys [244736 2009-06-10] (Intel Corporation) S3 EyeOne; C:\Windows\System32\Drivers\i1_x64.sys [51600 2011-03-10] (Thesycon GmbH, Germany) R3 Mv_Process; c:\windows\syswow64\mv_process.sys [14376 2011-11-22] () R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) R3 ubohci; C:\Windows\System32\DRIVERS\ubohci.sys [114688 2007-10-04] (Unibrain S.A.) R2 ubsbm; C:\Windows\System32\DRIVERS\ubsbm.sys [23040 2007-08-03] (Unibrain S.A.) R2 ubumapi; C:\Windows\System32\DRIVERS\ubumapi.sys [78336 2007-08-03] (Unibrain S.A.) R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2013-07-10] (Nicomsoft Ltd.) R2 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [10240 2013-07-10] (Nicomsoft Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-14 09:56 - 2013-11-14 09:56 - 01957794 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-11-14 09:52 - 2013-11-14 09:52 - 00000758 _____ C:\Users\User\Desktop\JRT.txt 2013-11-14 09:48 - 2013-11-14 09:48 - 00000000 ____D C:\Windows\ERUNT 2013-11-14 09:45 - 2013-11-14 09:45 - 00001066 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-11-14 09:40 - 2013-11-14 09:41 - 00000000 ____D C:\AdwCleaner 2013-11-14 09:31 - 2013-11-14 09:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-14 09:31 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-14 09:29 - 2013-11-14 09:29 - 10285040 _____ (Malwarebytes 
Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-14 09:29 - 2013-11-14 09:29 - 01085542 _____ C:\Users\User\Desktop\adwcleaner.exe 2013-11-14 09:29 - 2013-11-14 09:29 - 01034531 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe 2013-11-14 09:20 - 2013-11-14 09:21 - 16203506 _____ C:\Users\User\Downloads\waxing beauty(2).zip 2013-11-13 14:59 - 2013-11-13 14:59 - 00022402 _____ C:\ComboFix.txt 2013-11-13 14:51 - 2013-11-13 14:59 - 00000000 ____D C:\ComboFix 2013-11-13 14:49 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2013-11-13 14:49 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2013-11-13 14:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-11-13 14:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-11-13 14:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-11-13 14:49 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2013-11-13 14:49 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2013-11-13 14:49 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2013-11-13 14:48 - 2013-11-13 14:59 - 00000000 ____D C:\Qoobox 2013-11-13 14:48 - 2013-11-13 14:58 - 00000000 ____D C:\Windows\erdnt 2013-11-13 14:47 - 2013-11-13 14:47 - 05147957 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2013-11-13 13:39 - 2013-11-13 13:39 - 01071224 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe 2013-11-13 13:36 - 2013-11-13 13:36 - 00087017 _____ C:\Users\User\Desktop\trojan.txt 2013-11-13 13:35 - 2013-11-13 13:40 - 00006390 _____ C:\Users\User\Desktop\Gmer.log 2013-11-13 13:29 - 2013-11-13 13:29 - 00377856 _____ C:\Users\User\Desktop\gmer_2.1.19163.exe 2013-11-13 13:09 - 2013-11-13 13:20 - 00042953 _____ C:\Users\User\Desktop\Addition.txt 2013-11-13 13:06 - 2013-11-14 09:56 - 00017044 _____ C:\Users\User\Desktop\FRST.txt 2013-11-13 13:06 - 2013-11-13 13:06 - 00000000 ____D C:\FRST 2013-11-13 13:03 - 
2013-11-13 13:03 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe 2013-11-13 13:03 - 2013-11-13 13:03 - 00000478 _____ C:\Users\User\Downloads\defogger_disable.log 2013-11-13 13:03 - 2013-11-13 13:03 - 00000000 _____ C:\Users\User\defogger_reenable 2013-11-11 13:49 - 2013-11-11 13:49 - 06026369 _____ C:\Users\User\Downloads\jsn_solid_docs.zip 2013-11-11 13:38 - 2013-11-11 13:40 - 43475453 _____ C:\Users\User\Downloads\jsn_solid_pro_standard_j25_quickstart.zip 2013-11-11 13:22 - 2013-11-11 13:23 - 00333095 _____ C:\Users\User\Downloads\de-DE_joomla_lang_full_2.5.16v1.zip 2013-11-11 12:55 - 2013-11-11 12:56 - 26055071 _____ C:\Users\User\Downloads\jsn_solid_free_j25_quickstart.zip 2013-11-06 13:12 - 2013-11-06 13:13 - 00000000 ____D C:\Users\User\Documents\Any Video Converter 2013-11-06 13:12 - 2013-11-06 13:12 - 00001199 _____ C:\Users\User\Desktop\Any Video Converter.lnk 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter Professional 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AnvSoft 2013-11-06 13:11 - 2013-11-06 13:11 - 00000000 ____D C:\Program Files (x86)\AnvSoft 2013-11-06 13:09 - 2013-11-06 13:11 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\User\Downloads\avc-free-5.0.9.exe 2013-11-06 13:07 - 2013-11-06 13:08 - 06982971 _____ C:\Users\User\Desktop\stalltuning_deutsch.....webm 2013-11-06 13:03 - 2013-11-06 13:06 - 11529424 _____ C:\Users\User\Desktop\stalltuning_deutsch.mp4 2013-11-06 12:58 - 2013-11-06 12:59 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-11-06 12:50 - 2013-10-31 16:32 - 183573266 _____ C:\Users\User\Desktop\PAl_Stalltuning_deutsch.mp4 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\Public\Documents\Adobe 2013-11-06 11:14 - 2013-11-06 11:14 
- 00000000 ____D C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc 2013-11-06 10:06 - 2013-11-06 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-05 08:20 - 2013-11-05 08:20 - 08095190 _____ C:\Users\User\Downloads\waxing beauty(1).zip 2013-11-04 15:29 - 2013-11-04 15:30 - 00000000 ____D C:\Users\User\Desktop\weh 2013-11-04 11:05 - 2013-11-04 11:05 - 00094985 _____ C:\Users\User\Downloads\Didact_Gothic.zip 2013-11-01 14:05 - 2013-11-01 11:27 - 00099514 _____ C:\Users\User\Downloads\sf_grandezza.zip 2013-11-01 12:51 - 2013-11-01 12:51 - 00091205 _____ C:\Users\User\Downloads\Friz Quadrata Regular Italic.ttf 2013-11-01 12:20 - 2013-11-01 12:20 - 00028993 _____ C:\Users\User\Downloads\blairmditc_tt_medium.zip 2013-11-01 11:48 - 2013-11-01 11:48 - 00014317 _____ C:\Users\User\Downloads\frquad.zip 2013-11-01 11:43 - 2013-11-01 11:43 - 00028542 _____ C:\Users\User\Downloads\Garogier.zip 2013-11-01 10:42 - 2013-11-01 10:42 - 01185346 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.eps 2013-11-01 10:37 - 2013-11-01 10:37 - 01342876 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.ai 2013-10-31 15:39 - 2013-10-31 15:39 - 00217172 _____ C:\Users\User\Downloads\Archivo_Narrow.zip 2013-10-31 14:48 - 2013-10-31 16:32 - 00000000 ____D C:\Users\User\Desktop\Pal_Lüftung_deutsch3 Ordner 2013-10-31 08:48 - 2013-11-06 13:09 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2013-10-31 08:48 - 2013-10-31 08:48 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-10-31 08:48 - 2013-10-31 08:48 - 00000000 ____D C:\Program Files\VideoLAN 2013-10-31 08:47 - 2013-10-31 08:47 - 23280480 _____ C:\Users\User\Downloads\vlc-2.1.0-win64.exe 2013-10-30 13:24 - 2013-10-30 13:24 - 03238389 _____ C:\Users\User\Downloads\quickstartguide.pdf.zip 2013-10-30 13:24 - 2013-10-30 13:24 - 02239606 _____ C:\Users\User\Downloads\com_akeeba-3.8.2-core.zip 
2013-10-30 13:24 - 2013-10-30 13:24 - 00043927 _____ C:\Users\User\Downloads\akeebabackup-de-DE-j25.zip 2013-10-30 13:21 - 2013-10-30 13:21 - 00351624 _____ C:\Users\User\Downloads\ipricecalc_light_unzip1st.zip 2013-10-30 13:19 - 2013-10-30 13:19 - 00005117 _____ C:\Users\User\Downloads\mod_days_converter_1383135569.zip 2013-10-30 12:55 - 2013-10-30 12:55 - 03490991 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4 Ordner.zip 2013-10-30 12:54 - 2013-10-30 12:54 - 00724992 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4.indd 2013-10-30 12:05 - 2013-10-30 12:05 - 00085878 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light.ttf 2013-10-30 12:03 - 2013-10-30 12:03 - 00059790 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light_oblique.ttf 2013-10-30 08:43 - 2013-10-30 08:43 - 04460353 _____ C:\Users\User\Downloads\a_few_red_heart_vector_152565.zip 2013-10-29 15:23 - 2013-10-30 08:26 - 00000000 ____D C:\Users\User\AppData\Local\Apple Computer 2013-10-29 13:29 - 2013-10-29 13:29 - 04801925 _____ C:\Users\User\Downloads\sun_kissed_photoshop_action_by_elestrial-d36odpj.zip 2013-10-29 13:27 - 2013-10-29 13:27 - 00001633 _____ C:\Users\User\Downloads\photoshop-action-Smooth skin.zip 2013-10-29 13:26 - 2013-10-29 13:26 - 00000795 _____ C:\Users\User\Downloads\action_056___TEETH_WHITENING___by_ModernActions.atn 2013-10-29 13:25 - 2013-10-29 13:24 - 00007968 _____ C:\Users\User\Downloads\ACTIONS_3D_by_JonasFan93.atn 2013-10-29 13:18 - 2013-10-29 13:18 - 00012644 _____ C:\Users\User\Downloads\RoTP-All-Presets.zip 2013-10-28 14:10 - 2013-10-28 14:10 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-28 14:10 - 2013-10-28 14:10 - 00000000 ____D C:\ProgramData\Oracle 2013-10-28 14:10 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-28 14:10 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-28 14:10 - 2013-10-08 07:46 - 
00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-28 14:10 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-25 08:30 - 2013-10-25 08:30 - 08095190 _____ C:\Users\User\Downloads\waxing beauty.zip 2013-10-25 08:29 - 2013-10-25 08:29 - 00012933 _____ C:\Users\User\Desktop\Labtop Wide.zip 2013-10-24 14:31 - 2013-10-24 14:31 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff(1).html 2013-10-23 09:15 - 2013-10-23 09:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\FileZilla 2013-10-23 09:14 - 2013-10-23 09:14 - 07241860 _____ C:\Users\W-Lan\Downloads\FileZilla_3.7.3_win32.zip 2013-10-22 14:46 - 2013-10-22 14:46 - 00018630 _____ C:\Users\User\Downloads\Strait.zip 2013-10-21 14:22 - 2013-10-21 14:23 - 00000132 _____ C:\Users\W-Lan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-10-21 14:20 - 2013-10-21 14:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\NVIDIA 2013-10-21 11:55 - 2013-10-21 11:55 - 00000000 ____D C:\Users\W-Lan\Desktop\RTL8188_8191_8192_SU_WindowsDriver_1086.48.0809.2011.F0049_12.P0406_UI_1.00.0187.L 2013-10-21 11:55 - 2011-08-11 12:46 - 00694376 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTL8192su.sys 2013-10-21 11:08 - 2013-10-21 11:10 - 88065608 _____ C:\Users\User\Downloads\Fotos_Original.rar 2013-10-21 08:35 - 2013-10-21 08:35 - 00037336 _____ C:\Users\User\Downloads\text-me-one.regular.ttf 2013-10-21 07:43 - 2013-10-21 07:43 - 00000881 _____ C:\Users\Public\Desktop\Mobilizer.lnk 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Users\User\AppData\Roaming\com.springbox.mobilizer 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Program Files (x86)\Mobilizer 2013-10-21 07:42 - 2013-10-21 07:43 - 02761523 _____ C:\Users\User\Downloads\Mobilizer.air 2013-10-17 10:53 - 2013-10-17 10:56 - 00104028 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne_207.txt 2013-10-17 10:41 - 2013-10-17 10:52 - 00283848 _____ 
C:\Users\User\Desktop\EXK_Beschnpfad_Ohne.txt 2013-10-15 15:54 - 2013-10-15 15:54 - 01182530 _____ C:\Users\User\Downloads\exo.zip 2013-10-15 15:54 - 2013-10-15 15:54 - 00000000 ____D C:\Users\User\Downloads\exo 2013-10-15 14:00 - 2013-10-31 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-10-15 11:33 - 2013-10-15 11:33 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff.html ==================== One Month Modified Files and Folders ======= 2013-11-14 09:57 - 2013-11-13 13:06 - 00017044 _____ C:\Users\User\Desktop\FRST.txt 2013-11-14 09:57 - 2013-09-08 02:18 - 00000512 _____ C:\Windows\SysWOW64\za_mv_raid.ev 2013-11-14 09:57 - 2011-11-22 04:08 - 00070656 _____ C:\Windows\SysWOW64\freqdb.db 2013-11-14 09:56 - 2013-11-14 09:56 - 01957794 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-11-14 09:52 - 2013-11-14 09:52 - 00000758 _____ C:\Users\User\Desktop\JRT.txt 2013-11-14 09:49 - 2011-04-12 08:43 - 00698514 _____ C:\Windows\system32\perfh007.dat 2013-11-14 09:49 - 2011-04-12 08:43 - 00148570 _____ C:\Windows\system32\perfc007.dat 2013-11-14 09:49 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-14 09:48 - 2013-11-14 09:48 - 00000000 ____D C:\Windows\ERUNT 2013-11-14 09:48 - 2013-09-08 00:49 - 01265474 _____ C:\Windows\WindowsUpdate.log 2013-11-14 09:45 - 2013-11-14 09:45 - 00001066 _____ C:\Users\User\Desktop\AdwCleaner[S0].txt 2013-11-14 09:45 - 2013-09-09 15:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox 2013-11-14 09:45 - 2013-09-08 14:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify 2013-11-14 09:45 - 2009-07-14 05:45 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-14 09:45 - 2009-07-14 05:45 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-14 09:44 - 2013-09-08 01:05 - 00001110 _____ 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-14 09:43 - 2013-09-08 02:35 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-14 09:43 - 2013-09-08 02:18 - 00010608 _____ C:\Windows\SysWOW64\mvaccelerator.log 2013-11-14 09:43 - 2010-11-21 04:47 - 00013600 _____ C:\Windows\PFRO.log 2013-11-14 09:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-14 09:43 - 2009-07-14 05:51 - 00036739 _____ C:\Windows\setupact.log 2013-11-14 09:41 - 2013-11-14 09:40 - 00000000 ____D C:\AdwCleaner 2013-11-14 09:31 - 2013-11-14 09:31 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-14 09:31 - 2013-11-14 09:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-14 09:29 - 2013-11-14 09:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-14 09:29 - 2013-11-14 09:29 - 01085542 _____ C:\Users\User\Desktop\adwcleaner.exe 2013-11-14 09:29 - 2013-11-14 09:29 - 01034531 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe 2013-11-14 09:21 - 2013-11-14 09:20 - 16203506 _____ C:\Users\User\Downloads\waxing beauty(2).zip 2013-11-14 09:20 - 2013-09-08 01:05 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-14 08:59 - 2013-09-10 08:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-14 08:28 - 2013-09-08 01:00 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-11-13 15:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-11-13 14:59 - 2013-11-13 14:59 - 00022402 _____ C:\ComboFix.txt 2013-11-13 14:59 - 2013-11-13 14:51 - 00000000 ____D C:\ComboFix 2013-11-13 14:59 - 2013-11-13 14:48 - 00000000 ____D C:\Qoobox 2013-11-13 14:58 - 2013-11-13 14:48 - 00000000 ____D C:\Windows\erdnt 2013-11-13 14:57 - 2009-07-14 03:34 - 00000215 _____ 
C:\Windows\system.ini 2013-11-13 14:47 - 2013-11-13 14:47 - 05147957 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2013-11-13 13:40 - 2013-11-13 13:35 - 00006390 _____ C:\Users\User\Desktop\Gmer.log 2013-11-13 13:39 - 2013-11-13 13:39 - 01071224 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe 2013-11-13 13:36 - 2013-11-13 13:36 - 00087017 _____ C:\Users\User\Desktop\trojan.txt 2013-11-13 13:29 - 2013-11-13 13:29 - 00377856 _____ C:\Users\User\Desktop\gmer_2.1.19163.exe 2013-11-13 13:20 - 2013-11-13 13:09 - 00042953 _____ C:\Users\User\Desktop\Addition.txt 2013-11-13 13:06 - 2013-11-13 13:06 - 00000000 ____D C:\FRST 2013-11-13 13:03 - 2013-11-13 13:03 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe 2013-11-13 13:03 - 2013-11-13 13:03 - 00000478 _____ C:\Users\User\Downloads\defogger_disable.log 2013-11-13 13:03 - 2013-11-13 13:03 - 00000000 _____ C:\Users\User\defogger_reenable 2013-11-13 13:03 - 2013-09-08 00:50 - 00000000 ____D C:\Users\User 2013-11-13 11:48 - 2013-09-12 09:05 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla 2013-11-13 08:24 - 2013-09-08 14:52 - 00000000 ____D C:\Users\User\AppData\Local\Spotify 2013-11-11 13:49 - 2013-11-11 13:49 - 06026369 _____ C:\Users\User\Downloads\jsn_solid_docs.zip 2013-11-11 13:40 - 2013-11-11 13:38 - 43475453 _____ C:\Users\User\Downloads\jsn_solid_pro_standard_j25_quickstart.zip 2013-11-11 13:33 - 2013-09-11 10:38 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-11-11 13:23 - 2013-11-11 13:22 - 00333095 _____ C:\Users\User\Downloads\de-DE_joomla_lang_full_2.5.16v1.zip 2013-11-11 12:56 - 2013-11-11 12:55 - 26055071 _____ C:\Users\User\Downloads\jsn_solid_free_j25_quickstart.zip 2013-11-07 08:26 - 2013-09-08 00:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-06 13:13 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter 2013-11-06 13:12 - 2013-11-06 13:12 
- 00001199 _____ C:\Users\User\Desktop\Any Video Converter.lnk 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\Documents\Any Video Converter Professional 2013-11-06 13:12 - 2013-11-06 13:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AnvSoft 2013-11-06 13:11 - 2013-11-06 13:11 - 00000000 ____D C:\Program Files (x86)\AnvSoft 2013-11-06 13:11 - 2013-11-06 13:09 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\User\Downloads\avc-free-5.0.9.exe 2013-11-06 13:09 - 2013-10-31 08:48 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2013-11-06 13:08 - 2013-11-06 13:07 - 06982971 _____ C:\Users\User\Desktop\stalltuning_deutsch.....webm 2013-11-06 13:06 - 2013-11-06 13:03 - 11529424 _____ C:\Users\User\Desktop\stalltuning_deutsch.mp4 2013-11-06 12:59 - 2013-11-06 12:58 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft 2013-11-06 12:58 - 2013-11-06 12:58 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\Public\Documents\Adobe 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2013-11-06 11:14 - 2013-11-06 11:14 - 00000000 ____D C:\Users\User\AppData\Roaming\chc 2013-11-06 10:06 - 2013-11-06 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-06 08:36 - 2009-07-14 05:45 - 05344528 _____ C:\Windows\system32\FNTCACHE.DAT 2013-11-05 10:55 - 2013-09-08 12:26 - 00099728 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-05 08:20 - 2013-11-05 08:20 - 08095190 _____ C:\Users\User\Downloads\waxing beauty(1).zip 2013-11-04 16:10 - 2013-09-26 10:10 - 00013246 _____ C:\Users\User\Desktop\ps1102.txt 2013-11-04 15:30 - 2013-11-04 15:29 - 00000000 ____D C:\Users\User\Desktop\weh 2013-11-04 15:30 - 2013-09-30 14:04 - 00001456 _____ C:\Users\User\AppData\Local\Adobe Für Web speichern 13.0 Prefs 
2013-11-04 11:05 - 2013-11-04 11:05 - 00094985 _____ C:\Users\User\Downloads\Didact_Gothic.zip 2013-11-01 12:51 - 2013-11-01 12:51 - 00091205 _____ C:\Users\User\Downloads\Friz Quadrata Regular Italic.ttf 2013-11-01 12:20 - 2013-11-01 12:20 - 00028993 _____ C:\Users\User\Downloads\blairmditc_tt_medium.zip 2013-11-01 11:48 - 2013-11-01 11:48 - 00014317 _____ C:\Users\User\Downloads\frquad.zip 2013-11-01 11:43 - 2013-11-01 11:43 - 00028542 _____ C:\Users\User\Downloads\Garogier.zip 2013-11-01 11:27 - 2013-11-01 14:05 - 00099514 _____ C:\Users\User\Downloads\sf_grandezza.zip 2013-11-01 10:42 - 2013-11-01 10:42 - 01185346 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.eps 2013-11-01 10:37 - 2013-11-01 10:37 - 01342876 _____ C:\Users\User\Desktop\actec_Logo_NEU_CMYK.ai 2013-10-31 16:32 - 2013-11-06 12:50 - 183573266 _____ C:\Users\User\Desktop\PAl_Stalltuning_deutsch.mp4 2013-10-31 16:32 - 2013-10-31 14:48 - 00000000 ____D C:\Users\User\Desktop\Pal_Lüftung_deutsch3 Ordner 2013-10-31 15:39 - 2013-10-31 15:39 - 00217172 _____ C:\Users\User\Downloads\Archivo_Narrow.zip 2013-10-31 08:48 - 2013-10-31 08:48 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-10-31 08:48 - 2013-10-31 08:48 - 00000000 ____D C:\Program Files\VideoLAN 2013-10-31 08:47 - 2013-10-31 08:47 - 23280480 _____ C:\Users\User\Downloads\vlc-2.1.0-win64.exe 2013-10-31 08:24 - 2013-10-15 14:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-10-30 13:24 - 2013-10-30 13:24 - 03238389 _____ C:\Users\User\Downloads\quickstartguide.pdf.zip 2013-10-30 13:24 - 2013-10-30 13:24 - 02239606 _____ C:\Users\User\Downloads\com_akeeba-3.8.2-core.zip 2013-10-30 13:24 - 2013-10-30 13:24 - 00043927 _____ C:\Users\User\Downloads\akeebabackup-de-DE-j25.zip 2013-10-30 13:21 - 2013-10-30 13:21 - 00351624 _____ C:\Users\User\Downloads\ipricecalc_light_unzip1st.zip 2013-10-30 13:19 - 2013-10-30 13:19 - 00005117 _____ C:\Users\User\Downloads\mod_days_converter_1383135569.zip 2013-10-30 12:55 - 
2013-10-30 12:55 - 03490991 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4 Ordner.zip 2013-10-30 12:54 - 2013-10-30 12:54 - 00724992 _____ C:\Users\User\Desktop\Smart_Swap_Anz_A4.indd 2013-10-30 12:05 - 2013-10-30 12:05 - 00085878 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light.ttf 2013-10-30 12:03 - 2013-10-30 12:03 - 00059790 _____ C:\Users\User\Downloads\ufonts.com_univers_lt_47_condensed_light_oblique.ttf 2013-10-30 12:02 - 2013-09-12 12:35 - 00000000 ___RD C:\Users\User\Virtual Machines 2013-10-30 10:59 - 2013-10-10 10:56 - 00000000 ____D C:\Users\User\Desktop\Bildbe_KuW 2013-10-30 08:43 - 2013-10-30 08:43 - 04460353 _____ C:\Users\User\Downloads\a_few_red_heart_vector_152565.zip 2013-10-30 08:26 - 2013-10-29 15:23 - 00000000 ____D C:\Users\User\AppData\Local\Apple Computer 2013-10-29 15:30 - 2013-09-08 21:07 - 00000000 ____D C:\ProgramData\Apple Computer 2013-10-29 13:29 - 2013-10-29 13:29 - 04801925 _____ C:\Users\User\Downloads\sun_kissed_photoshop_action_by_elestrial-d36odpj.zip 2013-10-29 13:27 - 2013-10-29 13:27 - 00001633 _____ C:\Users\User\Downloads\photoshop-action-Smooth skin.zip 2013-10-29 13:26 - 2013-10-29 13:26 - 00000795 _____ C:\Users\User\Downloads\action_056___TEETH_WHITENING___by_ModernActions.atn 2013-10-29 13:24 - 2013-10-29 13:25 - 00007968 _____ C:\Users\User\Downloads\ACTIONS_3D_by_JonasFan93.atn 2013-10-29 13:18 - 2013-10-29 13:18 - 00012644 _____ C:\Users\User\Downloads\RoTP-All-Presets.zip 2013-10-28 14:10 - 2013-10-28 14:10 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-28 14:10 - 2013-10-28 14:10 - 00000000 ____D C:\ProgramData\Oracle 2013-10-28 14:10 - 2013-09-08 21:37 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-25 08:30 - 2013-10-25 08:30 - 08095190 _____ C:\Users\User\Downloads\waxing beauty.zip 2013-10-25 08:29 - 2013-10-25 08:29 - 00012933 _____ C:\Users\User\Desktop\Labtop Wide.zip 2013-10-24 14:31 - 2013-10-24 14:31 - 00000053 _____ 
C:\Users\User\Downloads\google6be8a98ba3a92bff(1).html 2013-10-23 09:43 - 2013-10-09 08:22 - 00000000 ____D C:\Users\W-Lan\AppData\Local\Adobe 2013-10-23 09:20 - 2013-10-23 09:15 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\FileZilla 2013-10-23 09:14 - 2013-10-23 09:14 - 07241860 _____ C:\Users\W-Lan\Downloads\FileZilla_3.7.3_win32.zip 2013-10-23 09:14 - 2013-10-09 08:22 - 00091312 _____ C:\Users\W-Lan\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-22 14:46 - 2013-10-22 14:46 - 00018630 _____ C:\Users\User\Downloads\Strait.zip 2013-10-22 14:42 - 2013-09-27 10:40 - 00000132 _____ C:\Users\User\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen 2013-10-21 14:26 - 2013-10-09 08:22 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\Adobe 2013-10-21 14:23 - 2013-10-21 14:22 - 00000132 _____ C:\Users\W-Lan\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-10-21 14:20 - 2013-10-21 14:20 - 00000000 ____D C:\Users\W-Lan\AppData\Roaming\NVIDIA 2013-10-21 12:00 - 2013-09-10 08:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-21 12:00 - 2013-09-10 08:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-21 11:55 - 2013-10-21 11:55 - 00000000 ____D C:\Users\W-Lan\Desktop\RTL8188_8191_8192_SU_WindowsDriver_1086.48.0809.2011.F0049_12.P0406_UI_1.00.0187.L 2013-10-21 11:10 - 2013-10-21 11:08 - 88065608 _____ C:\Users\User\Downloads\Fotos_Original.rar 2013-10-21 08:35 - 2013-10-21 08:35 - 00037336 _____ C:\Users\User\Downloads\text-me-one.regular.ttf 2013-10-21 07:43 - 2013-10-21 07:43 - 00000881 _____ C:\Users\Public\Desktop\Mobilizer.lnk 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Users\User\AppData\Roaming\com.springbox.mobilizer 2013-10-21 07:43 - 2013-10-21 07:43 - 00000000 ____D C:\Program Files (x86)\Mobilizer 2013-10-21 07:43 - 2013-10-21 07:42 - 02761523 _____ C:\Users\User\Downloads\Mobilizer.air 2013-10-17 10:56 - 2013-10-17 10:53 - 00104028 _____ 
C:\Users\User\Desktop\EXK_Beschnpfad_Ohne_207.txt 2013-10-17 10:52 - 2013-10-17 10:41 - 00283848 _____ C:\Users\User\Desktop\EXK_Beschnpfad_Ohne.txt 2013-10-16 16:15 - 2013-09-08 01:05 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-16 16:15 - 2013-09-08 01:05 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-16 07:00 - 2013-09-11 13:19 - 00000388 _____ C:\Windows\Tasks\X-Rite Device Services Software Updater.job 2013-10-15 15:54 - 2013-10-15 15:54 - 01182530 _____ C:\Users\User\Downloads\exo.zip 2013-10-15 15:54 - 2013-10-15 15:54 - 00000000 ____D C:\Users\User\Downloads\exo 2013-10-15 11:33 - 2013-10-15 11:33 - 00000053 _____ C:\Users\User\Downloads\google6be8a98ba3a92bff.html Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\avgnt.exe C:\Users\User\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-11 12:50 ==================== End Of Log ============================ --- --- --- |
14.11.2013, 13:53 | #6 |
/// the machine /// TB Trainer | JS/BlacoleRef.DD.38 in Firefox Cache Win 7
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?