|
Log analysis and evaluation: `Adware/BProtector.E` alert after system start
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
03.12.2013, 12:07 | #1 |
| `Adware/BProtector.E` alert after system start I'm new to the forum and hope that someone can help me! I work with Windows 7 and have Avira Free Antivirus on my computer. After startup I get a security notice from Avira: access to C\ProgramData\BitGuard..., which contains a virus `Adware/BProtector.E`, was denied. After removing the virus the computer has to be restarted, but the problem occurs again. Even after uninstalling the BitGuard program, the same message still appears. Attached are the two files created with Farbar Recovery Scan Tool FRST64. Thanks a lot for the help |
03.12.2013, 12:19 | #2 |
/// the machine /// TB Trainer | `Adware/BProtector.E` alert after system start Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
03.12.2013, 12:31 | #3 |
| `Adware/BProtector.E` alert after system start FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 Ran by PLANSTATION EF (administrator) on NB on 03-12-2013 11:44:13 Running from C:\Users\PLANSTATION EF\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE (Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\SysWOW64\srvany.exe () C:\Windows\KMService.exe (O2Micro International) C:\Windows\System32\o2flash.exe () C:\Windows\SysWOW64\srvany.exe (O2Micro.) 
C:\Windows\SysWOW64\SDIOAssist.exe () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe () C:\Users\PLANSTATION EF\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () C:\Program Files (x86)\Tor\tor.exe (Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Dropbox, Inc.) C:\Users\PLANSTATION EF\AppData\Roaming\Dropbox\bin\Dropbox.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation) C:\Windows\System32\wbengine.exe (Microsoft Corporation) C:\Windows\System32\vds.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [684016 2012-12-22] (Alps Electric Co., Ltd.) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-21] (IDT, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE [7469568 2012-01-18] (Dell Inc.) HKLM\...\Run: [TdmNotify] - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [370584 2012-11-09] (Wave Systems Corp.) 
HKLM\...\Run: [Ocs_SM] - C:\Users\PLANSTATION EF\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-05-22] (OCS) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.) HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKCU\...\Runonce: [Uninstall C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811" HKCU\...\Runonce: [Uninstall C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKCU\...\Runonce: [Uninstall C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PLANSTATION EF\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" MountPoints2: {f083b76b-bcbe-11e2-986c-f01faf0724d8} - G:\SETUP.EXE HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-10-16] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-12] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [210472 2006-10-25] (Nuance Communications, Inc.) 
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort11reminder] - C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini [324 2013-05-22] () HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll c:\windows\system32\nvinitx.dll,c:\windows\system32\nvinitx.dll [ ] () Lsa: [Authentication Packages] msv1_0 wvauth Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) Startup: C:\Users\PLANSTATION EF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\PLANSTATION EF\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=119828&tt=gc_&babsrc=HP_ss_sps&mntrId=DE7E1C3E84B93444 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13-comm.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = SearchScopes: HKLM - DefaultScope {65605E71-BD1E-465B-BCE7-FFDFBDEF5C98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {65605E71-BD1E-465B-BCE7-FFDFBDEF5C98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {65605E71-BD1E-465B-BCE7-FFDFBDEF5C98} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=fdb7db10-8d52-4438-bdf2-a8125f8487af&searchtype=ds&q={searchTerms}&installDate=14/05/2013 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q={searchTerms}&affID=119828&tt=gc_&babsrc=SP_ss_btis&mntrId=DE7E1C3E84B93444 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default FF user.js: detected! 
=> C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\user.js FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF 
Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FoxyDeal - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF Extension: FoxyProxy Basic - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\foxyproxy@eric.h.jung FF Extension: No Name 
- C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\trash FF Extension: WOT - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: adblockpopups - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\adblockpopups@jessehakanen.net.xpi FF Extension: firefox - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\firefox@ghostery.com.xpi FF Extension: toolbar - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\toolbar@web.de.xpi FF Extension: Adblock Plus - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\PLANSTATION EF\AppData\Roaming\Mozilla\Firefox\Profiles\p7u0z6eo.default\extensions\firejump@firejump.net ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2013-05-16] (Adobe Systems) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG) S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] () R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.) R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [225720 2012-11-20] () R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.) 
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-23] (Intel Corporation) R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-19] () R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International) R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () R2 SearchAnonymizer; C:\Users\PLANSTATION EF\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-05-22] () S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-07] () R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [48128 2012-01-18] (Dell Inc.) S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.) ==================== Drivers (Whitelisted) ==================== R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-03-15] (SafeNet Inc.) R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG) R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.) 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-14] (DT Soft Ltd) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-13] (NVIDIA Corporation) R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-03 11:44 - 2013-12-03 11:44 - 00022847 _____ C:\Users\PLANSTATION EF\Downloads\FRST.txt 2013-12-03 11:44 - 2013-12-03 11:44 - 00000000 ____D C:\FRST 2013-12-03 11:43 - 2013-12-03 11:43 - 01959434 _____ (Farbar) C:\Users\PLANSTATION EF\Downloads\FRST64.exe 2013-12-03 11:31 - 2013-12-03 11:31 - 00300176 _____ C:\Windows\Minidump\120313-12261-01.dmp 2013-12-03 11:25 - 2013-12-03 11:31 - 739871729 _____ C:\Windows\MEMORY.DMP 2013-12-03 11:25 - 2013-12-03 11:31 - 00000000 ____D C:\Windows\Minidump 2013-12-03 11:25 - 2013-12-03 11:25 - 00299888 _____ C:\Windows\Minidump\120313-12214-01.dmp 2013-11-29 07:56 - 2013-12-03 11:31 - 00001008 _____ C:\Windows\setupact.log 2013-11-29 07:56 - 2013-11-29 07:56 - 00000000 _____ C:\Windows\setuperr.log 2013-11-28 08:19 - 2013-11-28 08:19 - 00023402 _____ C:\Users\PLANSTATION EF\Documents\cc_20131128_081929.reg 2013-11-28 08:17 - 2013-11-28 08:17 - 04618136 _____ (Piriform Ltd) C:\Users\PLANSTATION EF\Downloads\ccsetup408.exe 2013-11-22 12:08 - 2013-11-22 12:08 - 00000000 ____D C:\Program Files\BauerSoftware 2013-11-22 12:07 - 2013-11-22 12:07 - 03722240 _____ C:\Users\PLANSTATION EF\Downloads\HsrWindows64(1).msi 2013-11-20 12:24 - 2013-11-20 12:24 - 00000000 ____D 
C:\Users\PLANSTATION EF\AppData\Roaming\PC-FAX TX 2013-11-19 10:19 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-19 10:19 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-19 10:19 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-19 10:19 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-19 10:19 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-19 10:19 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-19 10:19 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-19 10:19 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-19 10:19 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-19 10:19 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-19 10:19 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-19 10:19 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-19 10:19 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-19 10:19 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-19 10:19 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-19 10:19 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-19 10:19 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-19 10:19 - 2013-09-25 02:57 - 00247808 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-19 10:19 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-19 10:19 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-19 10:19 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-19 10:19 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-19 10:18 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-19 10:18 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-19 10:18 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-19 10:18 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-19 10:18 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-19 10:18 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-19 10:18 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-19 10:18 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-18 09:26 - 2013-11-18 09:26 - 00777352 _____ C:\Users\PLANSTATION EF\Downloads\Top-Shadow.zip 2013-11-12 12:16 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-12 12:14 - 2013-11-12 12:14 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 11220992 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieframe.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-12 12:14 - 2013-11-12 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-12 12:14 - 2013-11-12 12:14 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-12 12:14 - 2013-11-12 12:14 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-12 12:14 - 2013-11-12 12:14 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-12 12:14 - 2013-11-12 12:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00774144 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-12 12:14 - 2013-11-12 12:14 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-12 12:14 - 2013-11-12 12:14 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-12 12:14 - 2013-11-12 12:14 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-12 12:14 - 2013-11-12 12:14 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-12 12:14 - 2013-11-12 12:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 
2013-11-12 12:14 - 2013-11-12 12:14 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 12:14 - 2013-11-12 12:14 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 12:14 - 2013-11-12 12:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

==================== One Month Modified Files and Folders =======

2013-12-03 11:44 - 2013-12-03 11:44 - 00022847 _____ C:\Users\PLANSTATION EF\Downloads\FRST.txt
2013-12-03 11:44 - 2013-12-03 11:44 - 00000000 ____D C:\FRST
2013-12-03 11:43 - 2013-12-03 11:43 - 01959434 _____ (Farbar) C:\Users\PLANSTATION EF\Downloads\FRST64.exe
2013-12-03 11:43 - 2013-06-23 18:37 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA
2013-12-03 11:39 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 11:39 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 11:37 - 2013-05-22 12:05 - 00000000 ____D C:\Users\PLANSTATION EF\Documents\Outlook-Dateien
2013-12-03 11:37 - 2010-11-21 07:50 - 00699666 _____ C:\Windows\system32\perfh007.dat
2013-12-03 11:37 - 2010-11-21 07:50 - 00149774 _____ C:\Windows\system32\perfc007.dat
2013-12-03 11:37 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 11:35 - 2013-10-18 10:22 - 00843327 _____ C:\Windows\WindowsUpdate.log
2013-12-03 11:32 - 2013-05-22 14:08 - 00000000 ___RD C:\Users\PLANSTATION EF\Dropbox
2013-12-03 11:32 - 2013-05-22 14:05 - 00000000 ____D C:\Users\PLANSTATION EF\AppData\Roaming\Dropbox
2013-12-03 11:31 - 2013-12-03 11:31 - 00300176 _____ C:\Windows\Minidump\120313-12261-01.dmp
2013-12-03 11:31 - 2013-12-03 11:25 - 739871729 _____ C:\Windows\MEMORY.DMP
2013-12-03 11:31 - 2013-12-03 11:25 - 00000000 ____D C:\Windows\Minidump
2013-12-03 11:31 - 2013-11-29 07:56 - 00001008 _____ C:\Windows\setupact.log
2013-12-03 11:31 - 2013-05-13 13:37 - 00000000 ____D C:\Users\PLANSTATION EF
2013-12-03 11:31 - 2013-05-08 16:13 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-03 11:31 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 11:30 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-03 11:25 - 2013-12-03 11:25 - 00299888 _____ C:\Windows\Minidump\120313-12214-01.dmp
2013-12-03 11:21 - 2013-05-08 08:57 - 00000000 ____D C:\Windows\devcon
2013-12-03 11:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-03 11:08 - 2013-05-13 15:48 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 12:59 - 2013-05-22 10:57 - 00000676 _____ C:\Windows\Tasks\WebContent AutoUpdate 2011.job
2013-12-02 12:57 - 2013-05-22 10:57 - 00000420 _____ C:\Windows\Tasks\Allplan AutoUpdate 2011.job
2013-12-02 12:18 - 2013-08-29 09:13 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 11:37 - 2013-06-14 14:26 - 00000000 ____D C:\Users\PLANSTATION EF\Documents\Allright
2013-12-02 08:20 - 2013-05-26 16:53 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1A0C3352-FC77-4AD3-9F41-63353B148BD5}
2013-11-29 08:00 - 2013-05-14 14:08 - 00000518 _____ C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job
2013-11-29 07:56 - 2013-11-29 07:56 - 00000000 _____ C:\Windows\setuperr.log
2013-11-28 08:19 - 2013-11-28 08:19 - 00023402 _____ C:\Users\PLANSTATION EF\Documents\cc_20131128_081929.reg
2013-11-28 08:18 - 2013-05-22 13:53 - 00000000 ____D C:\Program Files\CCleaner
2013-11-28 08:17 - 2013-11-28 08:17 - 04618136 _____ (Piriform Ltd) C:\Users\PLANSTATION EF\Downloads\ccsetup408.exe
2013-11-27 16:07 - 2011-02-11 18:36 - 00000000 ____D C:\Windows\panther
2013-11-27 08:29 - 2011-02-11 18:45 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-26 13:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-25 09:09 - 2013-05-13 13:39 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2013-11-22 12:08 - 2013-11-22 12:08 - 00000000 ____D C:\Program Files\BauerSoftware
2013-11-22 12:07 - 2013-11-22 12:07 - 03722240 _____ C:\Users\PLANSTATION EF\Downloads\HsrWindows64(1).msi
2013-11-22 08:18 - 2013-09-15 14:42 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-20 12:24 - 2013-11-20 12:24 - 00000000 ____D C:\Users\PLANSTATION EF\AppData\Roaming\PC-FAX TX
2013-11-20 12:24 - 2013-05-22 13:01 - 00000770 _____ C:\Windows\Brpfx04a.ini
2013-11-20 08:39 - 2013-08-14 16:27 - 00000000 ____D C:\Windows\system32\MRT
2013-11-20 08:32 - 2013-05-13 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 10:38 - 2013-05-16 17:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-19 10:37 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2013-11-19 10:32 - 2013-05-13 14:55 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-19 10:19 - 2013-05-13 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 09:26 - 2013-11-18 09:26 - 00777352 _____ C:\Users\PLANSTATION EF\Downloads\Top-Shadow.zip
2013-11-14 09:28 - 2013-05-13 17:41 - 00000000 ____D C:\Users\PLANSTATION EF\AppData\Local\Adobe
2013-11-14 09:27 - 2013-05-08 16:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 09:27 - 2013-05-08 16:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-12 12:46 - 2013-05-13 13:37 - 00001419 _____ C:\Users\PLANSTATION EF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 12:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 12:14 - 2013-11-12 12:14 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 12:14 - 2013-11-12 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 12:14 - 2013-11-12 12:14 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 12:14 - 2013-11-12 12:14 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 12:14 - 2013-11-12 12:14 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 12:14 - 2013-11-12 12:14 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 12:14 - 2013-11-12 12:14 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 12:14 - 2013-11-12 12:14 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 12:14 - 2013-11-12 12:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 12:14 - 2013-11-12 12:14 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 12:14 - 2013-11-12 12:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 12:14 - 2013-11-12 12:14 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 12:14 - 2013-11-12 12:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 12:07 - 2013-05-13 15:48 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-08 13:26 - 2013-05-22 14:01 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-11-08 13:25 - 2013-08-06 14:46 - 00000000 ____D C:\Users\PLANSTATION EF\AppData\Local\.elfohilfe

Some content of TEMP:
====================
C:\Users\PLANSTATION EF\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-26 13:13

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2013
Ran by PLANSTATION EF at 2013-12-03 11:44:38
Running from C:\Users\PLANSTATION EF\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat 8 Professional - English, Français, Deutsch (x32 Version: 8.0.0)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe Dreamweaver CS3 (x32 Version: 9)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Extension Manager CS3 (x32 Version: 1.8)
Adobe Flash CS3 (x32 Version: 9.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.168)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Flash Player 9 ActiveX (x32 Version: 9.0.45.0)
Adobe Flash Video Encoder (x32 Version: 2.0)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Illustrator CS3 (x32 Version: 13.0)
Adobe InDesign CS3 (x32 Version: 5.0)
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe MotionPicture Color Files (x32 Version: 1.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Reader XI (11.0.03) MUI (x32 Version: 11.0.03)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Setup (x32 Version: 1.0)
Adobe SING CS3 (x32 Version: 0.1)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe Version Cue CS3 Server (x32 Version: 3.0)
Adobe WAS CS3 (x32 Version: 1.0)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
AHV content for Acrobat and Flash (x32 Version: 1)
Allplan IBD Hochbau - CAD Planungsdaten für Allplan 2011 (x32 Version: 2011.0)
Allplan IBD Umbau - CAD Planungsdaten für Allplan 2011 (x32 Version: 2009.0)
Avira Free Antivirus (x32 Version: 14.0.1.759)
Brother MFL-Pro Suite MFC-J415W (x32 Version: 1.0.3.0)
CCleaner (Version: 4.08)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Custom (Version: 01.00.00.002)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Client System Update (x32 Version: 1.3.0)
Dell Data Protection | Access (Version: 2.3.00001.021)
Dell Edoc Viewer (Version: 1.0.0)
Dell Feature Enhancement Pack (Version: 2.2.1)
Dell Touchpad (Version: 8.1200.101.124)
Dell Webcam Central (x32 Version: 1.40.54)
DellAccess (Version: 01.03.00.046)
Delta Chrome Toolbar (x32)
Delta toolbar (x32 Version: 1.8.21.5)
DownloadHandler (x32 Version: 1.00.0000)
Dropbox (HKCU Version: 2.0.22)
DW WLAN Card Utility (Version: 5.100.82.124)
ElsterFormular (x32 Version: 14.4.12044)
EMBASSY Client Core (Version: 01.03.00.092)
ERAS Connector (Version: 02.09.05.0330)
ESS Energie Indikator (x32 Version: 2011.0)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.32.0)
FireJump (x32 Version: 1.0.2.7)
Fotogalerie (x32 Version: 16.4.3508.0205)
FoxyDeal version 1.0.0 (x32 Version: 1.0.0)
FreePDF (Remove only) (x32)
Freizeitkarte_FRA (Ausgabe 13.07) (x32)
Garmin BaseCamp (x32 Version: 4.2.2)
Garmin MapInstall (x32 Version: 4.0.3)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Gemalto (Version: 01.64.01.0010)
GemPcCCID (Version: 2.0.1)
General Runtime Files for Allplan 2011 Release (x32 Version: 1.3.0.0)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
GPL Ghostscript (Version: 9.07)
HOAI Schnellrechner (Version: 4.0.5)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.1.20.1337)
Intel(R) Network Connections 17.2.154.0 (Version: 17.2.154.0)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2639)
Intel(R) Rapid Storage Technology (x32 Version: 11.2.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.6.245)
Intel® Trusted Connect Service Client (Version: 1.26.242.3)
Junk Mail filter update (x32 Version: 16.4.3508.0205)
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.250)
MAGIX Foto Manager MX Deluxe (x32 Version: 9.0.1.250)
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256)
MAGIX Fotos auf DVD easy SE (Version: 1.0.2.13)
MAGIX Fotos auf DVD easy SE (x32 Version: 1.0.2.13)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.1.9)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MapSource (x32)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)
Microsoft Project Professional 2010 (x32 Version: 14.0.7015.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nemetschek Allplan 2011 (x32 Version: 2011.0)
NVIDIA 3D Vision Treiber 311.10 (Version: 311.10)
NVIDIA Grafiktreiber 311.10 (Version: 311.10)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1110)
NVIDIA Systemsteuerung 311.10 (Version: 311.10)
NVIDIA Update Components (Version: 1.11.3)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.38)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003)
PBA Driver (Version: 1.0.1.7)
PDF Settings (x32 Version: 1.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Pixum Fotobuch (x32 Version: 5.0.1)
Preboot Manager (Version: 03.05.00.026)
Private Information Manager (Version: 07.03.00.016)
RedMon - Redirection Port Monitor
Scala Digital 1.0.0.31 (x32)
ScanSoft PaperPort 11 (x32 Version: 11.2.0000)
SearchAnonymizer (Version: 1.0.1 (de))
Sentinel HASP Run-time (x32 Version: 5.0.1.14210)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
SI TSS (Version: 2.1.41)
SPBA (WBF) 5.9 (Version: 5.9.7.7232)
ST Microelectronics 3 Axis Digital Accelerometer Solution (x32 Version: 4.10.0036)
toolkit32for64bit (x32 Version: 7.68.85.0013)
Total Commander (Remove or Repair) (x32 Version: 8.01)
Trusted Drive Manager (Version: 
5.0.0.304) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) VLC media player 2.0.7 (Version: 2.0.7) Waermebrueckenkatalog (x32 Version: 5.00.000) Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000) Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000) Wave Infrastructure Installer (Version: 07.68.85.0014) Wave Support Software Installer (Version: 05.15.00.021) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0) Windows Live Communications Platform (x32 Version: 16.4.3508.0205) Windows Live Essentials (x32 Version: 16.4.3508.0205) Windows Live Family Safety (Version: 16.4.3508.0205) Windows Live Family Safety (x32 Version: 16.4.3508.0205) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3508.0205) Windows Live Mail (x32 Version: 16.4.3508.0205) Windows Live Messenger (x32 Version: 16.4.3508.0205) Windows Live MIME IFilter (Version: 16.4.3508.0205) Windows Live Photo Common (x32 Version: 16.4.3508.0205) Windows 
Live PIMT Platform (x32 Version: 16.4.3508.0205) Windows Live SOXE (x32 Version: 16.4.3508.0205) Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205) Windows Live UX Platform (x32 Version: 16.4.3508.0205) Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205) Windows Live Writer (x32 Version: 16.4.3508.0205) Windows Live Writer Resources (x32 Version: 16.4.3508.0205) ZUB HELENA® 2012 Professional (x32) ==================== Restore Points ========================= 25-11-2013 07:38:49 Windows-Sicherung 27-11-2013 07:27:07 Windows Update 03-12-2013 10:10:13 Avira Free Antivirus - 03.12.2013 11:10 03-12-2013 10:41:49 Windows-Sicherung ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1338B30D-FCCF-49DD-A1DE-861F8F0DEB56} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {32EB4FD4-1D22-4368-A3A3-109E341B5554} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {3EF65B28-4C9E-434C-BDBF-9F5C93D94B78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {512CEA65-B933-4CA9-8E38-A142E68629B0} - System32\Tasks\EPUpdater => C:\Users\PLANSTATION EF\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () Task: {694A8E57-4842-42F2-BA27-3810D5187BA4} - System32\Tasks\Allplan AutoUpdate 2011 => C:\Program Files (x86)\Nemetschek\Allplan_2011\Prg\LaunchAllplanAutoUpdate.exe [2011-02-22] (Nemetschek Allplan GmbH) Task: {A09F4D47-42AC-4DD7-B47A-33CB3CA955D6} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\wsceaa.exe [2012-10-17] (Wave Systems Corp.) 
Task: {BBD9315D-23B4-4734-83B4-D9E051144C3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {C455E998-73E4-4C54-AC94-50CE65979E1C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-14] (Adobe Systems Incorporated) Task: {E678D94F-5489-4E5F-8F22-EFC69DF68517} - System32\Tasks\Allplan AutoUpdate 2011-1 => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe Task: {FC99FE01-BFA6-4D59-99F9-BAE5AB6C396B} - System32\Tasks\WebContent AutoUpdate 2011 => C:\Program Files (x86)\Nemetschek\Allplan_2011\Prg\NemDownloadHandler.exe [2011-02-22] (Nemetschek Allplan GmbH) Task: {FE902278-742B-4554-A344-9039A5F11652} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.) Task: {FEA57035-36E1-421D-AE31-88D1C085EE8B} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe Task: C:\Windows\Tasks\Allplan AutoUpdate 2011.job => C:\Program Files (x86)\Nemetschek\Allplan_2011\prg\LaunchAllplanAutoUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec64b4fd7138a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WebContent AutoUpdate 2011.job => C:\Program Files (x86)\Nemetschek\Allplan_2011\prg\NemDownloadHandler.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-21 12:16 - 2013-11-18 15:32 - 01958880 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft 
Shared\OFFICE14\Cultures\OFFICE.ODF 2013-05-08 17:45 - 2012-02-01 19:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-05-13 15:48 - 2013-05-13 15:45 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\PLANSTATION EF\AppData\Roaming\Dropbox\bin\libcef.dll 2013-05-13 13:45 - 2013-11-19 10:19 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-08-15 14:36 - 2013-08-15 14:36 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d5fbd408c39e0de3296b93ac03a5c147\IsdiInterop.ni.dll 2013-05-08 16:12 - 2012-05-30 19:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-05-08 16:11 - 2012-10-23 01:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/03/2013 11:33:19 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 
990x80041003 Error: (12/03/2013 11:31:38 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500 Name des fehlerhaften Moduls: BitGuard.exe, Version: 2.7.1832.68, Zeitstempel: 0x528a2500 Ausnahmecode: 0x40000015 Fehleroffset: 0x00119b90 ID des fehlerhaften Prozesses: 0x8d0 Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0 Pfad der fehlerhaften Anwendung: BitGuard.exe1 Pfad des fehlerhaften Moduls: BitGuard.exe2 Berichtskennung: BitGuard.exe3 Error: (12/03/2013 11:27:15 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/03/2013 11:16:50 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/03/2013 11:04:24 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2013 08:28:32 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (12/02/2013 08:15:07 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/29/2013 00:13:33 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (11/29/2013 07:58:44 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/28/2013 05:55:33 PM) (Source: Customer Experience Improvement Program) 
(User: ) Description: 90080108 System errors: ============= Error: (12/03/2013 11:42:47 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/03/2013 11:37:43 AM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (12/03/2013 11:32:47 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/03/2013 11:31:45 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BitGuard" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (12/03/2013 11:31:45 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BitGuard erreicht. Error: (12/03/2013 11:31:35 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "WvPCR" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (12/03/2013 11:31:35 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SI TSS v1.2.1.41 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (12/03/2013 11:31:35 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT) Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{efaaca5d-b7b4-11e2-b13d-806e6f6e6963}" können nicht gelesen werden. 
Error: (12/03/2013 11:31:33 AM) (Source: BugCheck) (User: ) Description: 0x000000f4 (0x0000000000000003, 0xfffffa8010a14040, 0xfffffa8010a14320, 0xfffff8000258e7b0)C:\Windows\MEMORY.DMP120313-12261-01 Error: (12/03/2013 11:31:32 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 03.12.2013 um 11:29:18 unerwartet heruntergefahren. Microsoft Office Sessions: ========================= Error: (12/03/2013 11:33:19 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/03/2013 11:31:38 AM) (Source: Application Error)(User: ) Description: BitGuard.exe2.7.1832.68528a2500BitGuard.exe2.7.1832.68528a25004000001500119b908d001cef012d917fca4C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeC:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe17026465-5c06-11e3-bbe3-f01faf0724d8 Error: (12/03/2013 11:27:15 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/03/2013 11:16:50 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/03/2013 11:04:24 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/02/2013 08:28:32 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (12/02/2013 08:15:07 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA 
"Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/29/2013 00:13:33 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80004005 Error: (11/29/2013 07:58:44 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/28/2013 05:55:33 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 90080108 ==================== Memory info =========================== Percentage of memory in use: 33% Total physical RAM: 8063.48 MB Available physical RAM: 5362.52 MB Total Pagefile: 9085.66 MB Available Pagefile: 6178.17 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:107.44 GB) (Free:36.38 GB) NTFS Drive d: (DATAPART1) (Fixed) (Total:465.75 GB) (Free:310.57 GB) NTFS Drive h: (INTENSO) (Fixed) (Total:465.64 GB) (Free:151.45 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 440F6BFD) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 119 GB) (Disk ID: E5099E27) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=107 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 466 GB) (Disk ID: 702D16EC) Partition 1: (Not Active) - (Size=466 GB) - (Type=0C) ==================== End Of Log ============================[/CODE] |
04.12.2013, 10:24 | #4 |
/// the machine /// TB Trainer | `Adware/BProtector.E` alert after system startup
This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations, Guides and assistance, Trojaner-Board Facebook page. No help via PM! |