PC ist stark befallen. Suche Programm/e, mit dem man Viren und andere Schädlinge entfernen kann. (Extern über Stick)

Alamo · 08.12.2013, 23:49

Hallo allerseits. Eine Freundin hat ein Problem mit dem Betriebssystem, es hängt sich auf, hat Viren, kann nicht im Internet surfen, usw.. Ihr letzter Ausweg, so meint sie: Betreibssystem neu aufsetzen. Ich versuche mit einer anderen Lösung zu helfen. Ich habe im abgesichrten Modus und Antivirenprogramm sowie manuellem Entfernen alles hingekriegt... das war aber vor 4 Jahren, hab die Software nicht mehr usw... Also, ich bin 1. kein Experte und 2. kann ich mir von hier aus kein Überblickblick von ihrer Lage machen. Ich hatte noch nicht die Chance sich einen Überblick zu verschaffen. Ich habe vorgschlagen, wir versuchen es Morgen im abgesicherten Modus zu starten und Systmewiederherstellung durchzuführen. Ansonsten will ich mal HijackThis von meinem Stick drauf tun und die Log Dateien dann bei mir zu Hause mit Hilfe der Community (also unter anderem auch euch

) auswerten und sie dann anschließend fixieren und wieder Systemwiederherstellung versuchen.
Also ich bräuchte mal eure Meinung: Was für Software benutzt ihr dafür in der Regel, welche soll ich mitnehmen? Und was für Schritte würdet ihr mir empfehlen einzuleiten?
Hier ihre Beschreibung zu dem Problem. "Es ist extrem langsam und ich kann meistens nicht die Internetverbindung aufbauen... Ich glaub ich hab mir zu letzt Serien angeschaut. Und es installieren sich selbstständig Sachen darauf." (au weia, wenn sich selbstständig Sachen drauf installieren, das ist schonmal sehr schlecht...)

Kann man in der "Verwaltung" was drehen? Also da sind "Dienste": Alles was verdächtig aussieht abschalten, Quelle suchen und entfernen. "Ereignisanzeige" könnte helfen zu gucken, wann wo was aufgetreten ist oder? Was haltet ihr von der Software adwcleaner? Sie hat ja erwähnt dass sich unerwünscht Sachen drauf installieren.
Logfiles kommen dann Morgen!

Ich bin für jede hilfreiche Antwort dankbar!

cosinus · 09.12.2013, 00:00

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Alamo · 09.12.2013, 00:06

Danke für den warmen Empfang, cosinus.

Wie gesagt, Logfile kommt leider Morgen, müsste euch noch gedulden

EDIT: Ok. Lasse bei mir schonmal Farbar probelaufen. Das Programm scheint sehr gründlich zu sein.

cosinus · 09.12.2013, 00:19

Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags)

Alamo · 09.12.2013, 18:51

hier die FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-12-2013 03
Ran by Khadra Lul (administrator) on KHADRALUL-PC on 09-12-2013 17:05:52
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(Dropbox, Inc.) C:\Users\Khadra Lul\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
() C:\Users\Khadra Lul\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
(Sysinternals - www.sysinternals.com) C:\Users\Khadra Lul\Desktop\Adams Prog\Windows Überwachungsprogramme\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Khadra Lul\AppData\Local\Temp\procexp64.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPWebService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-16] (ELAN Microelectronics Corp.)
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [Facebook Update] - C:\Users\Khadra Lul\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {15eb9304-fc18-11e1-8b2e-e81132c7c1de} - F:\Startme.exe
MountPoints2: {17804142-978d-11e2-ae20-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {1bad8640-ae41-11e2-9743-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {1bad8651-ae41-11e2-9743-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {1d4f00a9-4b66-11e2-a3bf-e81132c7c1de} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {2e8ee3b8-5e70-11e2-b55b-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {2e8ee3d4-5e70-11e2-b55b-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {3eacbcc8-eaa0-11e1-9592-e81132c7c1de} - F:\Setup.exe
MountPoints2: {7d524b05-135c-11e2-ba30-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {9e8003af-ada3-11e2-8c2f-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {9e8003c0-ada3-11e2-8c2f-e81132c7c1de} - F:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\ab37ecb8-9b2b-42f1-b6fc-a7f1c64d4435.exe /check
AppInit_DLLs: C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2603312 2013-12-04] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [2869720 2013-10-29] ()
Startup: C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Khadra Lul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Khadra Lul\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.bigseekpro.com/pspad/{6ba1f49a-3068-454e-9361-634ced6dde50}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\Khadra Lul\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
URLSearchHook: HKCU - ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\PSPad Toolbar\tbhelper.dll ()
URLSearchHook: HKCU - DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\Khadra Lul\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=100888&babsrc=SP_ss&mntrId=108511fc000000000000002454f662bc
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386158563&from=tugs&uid=SAMSUNGXHM641JI_S26XJ9FB839044&q={searchTerms}
SearchScopes: HKCU - {5F970FDE-702B-4ef9-920C-5F2848A5AF26} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/pspad/{6BA1F49A-3068-454E-9361-634CED6DDE50}?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\Khadra Lul\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
BHO-x32: Ginyas Browser Companion - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\GinyasBrowserCompanion\jsloader.dll ( )
BHO-x32: Savings Sidekick - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\GinyasBrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - d:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll No File
BHO-x32: SMTTB2009 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\PSPad Toolbar\tbcore3.dll ()
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKLM-x32 - PSPad Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\PSPad Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\Khadra Lul\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 10.0.0.10 10.0.0.130
Tcpip\..\Interfaces\{75FA0866-E094-445C-A340-71B1CAD19A6A}: [NameServer]193.175.112.3,195.37.168.3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Extension: (YouTube) - C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0
CHR Extension: (Google Search) - C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: (DealPly) - C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0
CHR Extension: (Word CaptureX Extension) - C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0
CHR Extension: (Gmail) - C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\GinyasBrowserCompanion\blabbers-ch.crx
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Khadra Lul\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - D:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx

==================== Services (Whitelisted) =================

R2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe [143488 2013-12-04] ()
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2013-12-04] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-16] (Windows (R) 2003 DDK 3790 provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-01-28] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-11-04] (Oracle Corporation)
U2 CVPNDrv; 
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
S3 VSPerfDrv100; \??\d:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 16:38 - 2013-12-09 16:47 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Adams Prog
2013-12-09 16:37 - 2013-12-09 16:37 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Dienste
2013-12-09 16:35 - 2013-12-09 16:35 - 00000000 ____D C:\FRST
2013-12-09 16:35 - 2011-05-15 12:56 - 12362480 _____ (Mozilla) C:\Users\Khadra Lul\Desktop\Firefox Setup 4.0.1.exe
2013-12-09 16:25 - 2013-12-09 16:25 - 00000000 ____D C:\AdwCleaner
2013-12-09 15:13 - 2013-12-09 15:13 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{3510F8C8-D721-4C44-B7F9-F0026C824F11}
2013-12-08 22:02 - 2013-12-08 22:02 - 00000000 ____D C:\1d7f988944b308c3d557f58fa5b8
2013-12-08 17:27 - 2013-12-08 17:27 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{5CFD0E55-94D2-4918-A5EB-F9A643B65BB9}
2013-12-05 16:01 - 2013-12-05 16:01 - 00000000 ____D C:\d9f6169c199ab00ed7ca
2013-12-05 11:10 - 2013-12-05 11:10 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{CA6AFCF5-E80F-49E1-8439-A7D53BEE0192}
2013-12-05 11:04 - 2013-12-05 11:04 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{64FC5C15-F974-449C-8195-B0D760098583}
2013-12-05 10:43 - 2013-12-05 10:43 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{938272F0-5A7E-4DB7-80A5-11CA2E96D32E}
2013-12-05 10:35 - 2013-12-08 22:07 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Neuer Ordner
2013-12-04 13:03 - 2013-12-08 16:55 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-04 13:03 - 2013-12-04 13:03 - 00004324 _____ C:\windows\System32\Tasks\Feven 1.5-updater
2013-12-04 13:03 - 2013-12-04 13:03 - 00004226 _____ C:\windows\System32\Tasks\Feven 1.5-codedownloader
2013-12-04 13:03 - 2013-12-04 13:03 - 00004126 _____ C:\windows\System32\Tasks\Feven 1.5-enabler
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\Users\Khadra Lul\Documents\Optimizer Pro
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Optimizer Pro
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\ProgramData\WPM
2013-12-04 13:02 - 2013-12-04 13:03 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-04 13:02 - 2013-12-04 13:02 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-12-04 12:46 - 2013-12-04 12:46 - 00460320 _____ C:\Users\Khadra Lul\Downloads\Setup.exe
2013-12-03 16:01 - 2013-12-03 16:01 - 00000000 ____D C:\fde4a1cf4d75ff623f48010018dc
2013-12-02 23:04 - 2013-12-02 23:04 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{D9527B52-83B3-4FEF-8EE7-916AC218B426}
2013-12-02 21:05 - 2013-12-02 21:05 - 00000000 ____D C:\af41884c3fe8deb17718b9fb0c259888
2013-11-29 00:00 - 2013-11-29 00:00 - 00000000 ____D C:\28516434ce21fcc3e2
2013-11-27 14:08 - 2013-09-24 21:14 - 06583664 _____ (AVAST Software) C:\Pr
2013-11-27 11:39 - 2013-11-27 11:39 - 00000000 ____D C:\099afda2dd23dcd2231c
2013-11-27 11:34 - 2013-11-27 11:35 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{3E029316-EEBC-4DA8-855C-C032841E83DB}
2013-11-26 21:45 - 2013-11-26 21:45 - 00000000 ____D C:\3a3a56b19633b02008ae97
2013-11-26 16:01 - 2013-11-26 16:01 - 00000000 ____D C:\b5d67792482e90bba5deadbe6955
2013-11-26 09:20 - 2013-11-26 09:20 - 00000000 ____D C:\5ee0e00e7bef1c27c19ac5d595266f
2013-11-25 23:18 - 2013-11-25 23:18 - 00000000 ____D C:\e7b8ed182eb7d03ec008d8560fa20ec2
2013-11-25 23:08 - 2013-11-25 23:08 - 00000000 ____D C:\windows\Minidump
2013-11-25 19:35 - 2013-11-25 19:35 - 00000000 ____D C:\a2944d98842b8e8cf9b862
2013-11-25 18:21 - 2013-11-25 18:21 - 00000000 ____D C:\e2b0d51da22566a7eb223e
2013-11-25 12:39 - 2013-11-25 12:39 - 00000000 ____D C:\83bf5237a8f42a60f2ba7f66
2013-11-24 10:03 - 2013-11-24 10:03 - 00000000 ____D C:\dbf9d89c641af57954ba8ec9
2013-11-23 23:41 - 2013-11-23 23:41 - 00000000 ____D C:\071ba35009e1d4cf30a4aae9cbaa6d38
2013-11-23 23:22 - 2013-11-23 23:22 - 00000000 ____D C:\e9543240d6ab50ea31d8
2013-11-23 20:06 - 2013-11-23 20:06 - 00000000 ____D C:\582f2f81c0f1e43c7b
2013-11-22 23:49 - 2013-11-22 23:49 - 00000000 ____D C:\d0a2c0c906dc876145
2013-11-22 20:13 - 2013-11-22 20:14 - 00000000 ____D C:\8ff9b76b4740c7c807ed5fbb38c7c04b
2013-11-21 16:00 - 2013-11-21 16:00 - 00000000 ____D C:\02d3fcfe5a3d8f3a10dfa4
2013-11-20 12:39 - 2013-11-20 12:39 - 00000000 ____D C:\9363c2a935b8379f548119f4
2013-11-19 20:12 - 2013-11-19 20:12 - 00000000 ____D C:\697cfff19e563c14ce8c
2013-11-19 16:00 - 2013-11-19 16:00 - 00000000 ____D C:\87961bc9705ac530f6846e159db7875c
2013-11-19 13:26 - 2013-11-19 13:27 - 00000000 ____D C:\4abbd5ea847200aa58ceea
2013-11-18 19:18 - 2013-11-18 19:19 - 00000000 ____D C:\51482843fb94fc9dd6fb
2013-11-17 17:32 - 2013-11-17 17:32 - 00000000 ____D C:\6d4b79921625547813b271a7277a
2013-11-16 19:13 - 2013-11-16 19:13 - 00000000 ____D C:\d9a82cf27cd141157c26
2013-11-16 16:00 - 2013-11-16 16:00 - 00000000 ____D C:\aa6aecc406c418f48ca785
2013-11-16 12:44 - 2013-12-09 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 12:13 - 2013-11-16 12:13 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{25188984-6E98-486B-857C-887ABF43F49E}
2013-11-15 17:17 - 2013-11-15 17:17 - 00000000 ____D C:\d37e8151e338931ab78b14b4
2013-11-15 01:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-11-15 01:00 - 2013-11-15 01:00 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-15 01:00 - 2013-11-15 01:00 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-15 01:00 - 2013-11-15 01:00 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-15 01:00 - 2013-11-15 01:00 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-15 01:00 - 2013-11-15 01:00 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-15 01:00 - 2013-11-15 01:00 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-15 01:00 - 2013-11-15 01:00 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-15 01:00 - 2013-11-15 01:00 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-15 01:00 - 2013-11-15 01:00 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-15 01:00 - 2013-11-15 01:00 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-15 01:00 - 2013-11-15 01:00 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-15 00:58 - 2013-11-15 01:06 - 00010984 _____ C:\windows\IE11_main.log
2013-11-14 17:51 - 2013-11-14 17:51 - 00000000 ____D C:\347ec1ec4810b03282aff22168
2013-11-13 22:34 - 2013-11-13 22:34 - 00000000 ____D C:\f19992f408e4cdbdeea4
2013-11-13 22:11 - 2013-11-13 22:22 - 00091456 _____ C:\Users\Khadra Lul\Desktop\DECKBLATT.odt
2013-11-13 17:06 - 2013-11-13 17:06 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{BECEA1A2-F4F2-49AB-8109-BA8CAB68F9B0}
2013-11-13 17:03 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-13 17:03 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 17:03 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-13 17:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-13 17:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 17:03 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 17:03 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 17:03 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 17:03 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-13 17:03 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-13 17:03 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 17:03 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 17:03 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-13 17:03 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-13 17:03 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-13 17:03 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-13 17:03 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-13 17:03 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-13 17:03 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 17:03 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-13 17:03 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-13 17:03 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-13 17:03 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 17:03 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-13 17:03 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-13 17:03 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-13 17:03 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-13 17:02 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 17:02 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 17:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 11:03 - 2013-11-13 11:03 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{51C16451-8550-434E-9D34-A063D0E6697B}
2013-11-12 20:25 - 2013-11-12 20:25 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{71D232B8-05F7-4FD8-89D9-A9B154436A5A}
2013-11-12 20:24 - 2013-11-12 20:24 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{A7CF5A33-C9C5-4650-97E9-1ECBC9F79E26}
2013-11-09 13:39 - 2013-11-09 13:39 - 00000535 _____ C:\Users\Khadra Lul\Desktop\Taschenrechner.txt

==================== One Month Modified Files and Folders =======

2013-12-09 17:04 - 2011-07-21 20:51 - 02059283 _____ C:\windows\WindowsUpdate.log
2013-12-09 17:04 - 2011-07-21 20:18 - 00763510 _____ C:\windows\system32\perfh007.dat
2013-12-09 17:04 - 2011-07-21 20:18 - 00173574 _____ C:\windows\system32\perfc007.dat
2013-12-09 17:04 - 2009-07-14 06:13 - 01800756 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-09 17:00 - 2013-03-14 22:13 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Dropbox
2013-12-09 17:00 - 2012-11-07 13:41 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\GinyasBrowserCompanion
2013-12-09 16:59 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-09 16:59 - 2009-07-14 05:51 - 00302467 _____ C:\windows\setupact.log
2013-12-09 16:54 - 2010-11-21 04:47 - 00934586 _____ C:\windows\PFRO.log
2013-12-09 16:49 - 2013-11-16 12:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-09 16:49 - 2011-10-31 13:35 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Mozilla
2013-12-09 16:47 - 2013-12-09 16:38 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Adams Prog
2013-12-09 16:42 - 2013-07-05 00:24 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-09 16:37 - 2013-12-09 16:37 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Dienste
2013-12-09 16:35 - 2013-12-09 16:35 - 00000000 ____D C:\FRST
2013-12-09 16:25 - 2013-12-09 16:25 - 00000000 ____D C:\AdwCleaner
2013-12-09 16:21 - 2013-11-06 16:49 - 00198144 ___SH C:\Users\Khadra Lul\Desktop\Thumbs.db
2013-12-09 15:51 - 2009-07-14 05:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 15:51 - 2009-07-14 05:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 15:47 - 2013-07-05 00:26 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-12-09 15:45 - 2011-10-31 14:37 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Skype
2013-12-09 15:40 - 2012-05-07 12:50 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 15:13 - 2013-12-09 15:13 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{3510F8C8-D721-4C44-B7F9-F0026C824F11}
2013-12-09 14:26 - 2012-06-29 19:15 - 00001158 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000UA.job
2013-12-09 14:08 - 2011-11-29 17:51 - 00003966 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{00ED6705-1294-4AB3-8978-72C3B054FDBA}
2013-12-09 14:01 - 2013-03-14 22:21 - 00000000 ___RD C:\Users\Khadra Lul\Dropbox
2013-12-08 23:26 - 2012-06-29 19:15 - 00001136 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000Core.job
2013-12-08 22:07 - 2013-12-05 10:35 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Neuer Ordner
2013-12-08 22:02 - 2013-12-08 22:02 - 00000000 ____D C:\1d7f988944b308c3d557f58fa5b8
2013-12-08 17:27 - 2013-12-08 17:27 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{5CFD0E55-94D2-4918-A5EB-F9A643B65BB9}
2013-12-08 17:06 - 2012-07-01 12:16 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-08 17:01 - 2013-07-05 00:26 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-12-08 16:55 - 2013-12-04 13:03 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-08 16:55 - 2011-10-31 13:23 - 00000000 ___RD C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-08 16:54 - 2012-07-01 12:30 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Canon
2013-12-08 16:53 - 2012-07-01 12:31 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-06 02:48 - 2011-10-31 20:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-05 19:09 - 2011-11-20 20:03 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\CrashDumps
2013-12-05 16:01 - 2013-12-05 16:01 - 00000000 ____D C:\d9f6169c199ab00ed7ca
2013-12-05 13:10 - 2012-11-14 14:29 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Studium
2013-12-05 11:10 - 2013-12-05 11:10 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{CA6AFCF5-E80F-49E1-8439-A7D53BEE0192}
2013-12-05 11:04 - 2013-12-05 11:04 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{64FC5C15-F974-449C-8195-B0D760098583}
2013-12-05 10:43 - 2013-12-05 10:43 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{938272F0-5A7E-4DB7-80A5-11CA2E96D32E}
2013-12-04 13:03 - 2013-12-04 13:03 - 00004324 _____ C:\windows\System32\Tasks\Feven 1.5-updater
2013-12-04 13:03 - 2013-12-04 13:03 - 00004226 _____ C:\windows\System32\Tasks\Feven 1.5-codedownloader
2013-12-04 13:03 - 2013-12-04 13:03 - 00004126 _____ C:\windows\System32\Tasks\Feven 1.5-enabler
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\Users\Khadra Lul\Documents\Optimizer Pro
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\Users\Khadra Lul\AppData\Roaming\Optimizer Pro
2013-12-04 13:03 - 2013-12-04 13:03 - 00000000 ____D C:\ProgramData\WPM
2013-12-04 13:03 - 2013-12-04 13:02 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-12-04 13:02 - 2013-12-04 13:02 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-12-04 13:02 - 2011-10-31 13:23 - 00001625 _____ C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-04 12:46 - 2013-12-04 12:46 - 00460320 _____ C:\Users\Khadra Lul\Downloads\Setup.exe
2013-12-03 16:01 - 2013-12-03 16:01 - 00000000 ____D C:\fde4a1cf4d75ff623f48010018dc
2013-12-02 23:04 - 2013-12-02 23:04 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{D9527B52-83B3-4FEF-8EE7-916AC218B426}
2013-12-02 21:05 - 2013-12-02 21:05 - 00000000 ____D C:\af41884c3fe8deb17718b9fb0c259888
2013-11-29 00:00 - 2013-11-29 00:00 - 00000000 ____D C:\28516434ce21fcc3e2
2013-11-27 13:06 - 2012-10-29 19:43 - 00000000 ____D C:\Users\Khadra Lul\Documents\Bewerbung
2013-11-27 11:39 - 2013-11-27 11:39 - 00000000 ____D C:\099afda2dd23dcd2231c
2013-11-27 11:35 - 2013-11-27 11:34 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{3E029316-EEBC-4DA8-855C-C032841E83DB}
2013-11-26 21:45 - 2013-11-26 21:45 - 00000000 ____D C:\3a3a56b19633b02008ae97
2013-11-26 16:01 - 2013-11-26 16:01 - 00000000 ____D C:\b5d67792482e90bba5deadbe6955
2013-11-26 09:20 - 2013-11-26 09:20 - 00000000 ____D C:\5ee0e00e7bef1c27c19ac5d595266f
2013-11-25 23:18 - 2013-11-25 23:18 - 00000000 ____D C:\e7b8ed182eb7d03ec008d8560fa20ec2
2013-11-25 23:08 - 2013-11-25 23:08 - 00000000 ____D C:\windows\Minidump
2013-11-25 21:29 - 2013-07-04 15:01 - 00262144 ____N C:\windows\Minidump\112513-43617-01.dmp
2013-11-25 19:35 - 2013-11-25 19:35 - 00000000 ____D C:\a2944d98842b8e8cf9b862
2013-11-25 18:21 - 2013-11-25 18:21 - 00000000 ____D C:\e2b0d51da22566a7eb223e
2013-11-25 12:39 - 2013-11-25 12:39 - 00000000 ____D C:\83bf5237a8f42a60f2ba7f66
2013-11-24 10:03 - 2013-11-24 10:03 - 00000000 ____D C:\dbf9d89c641af57954ba8ec9
2013-11-23 23:41 - 2013-11-23 23:41 - 00000000 ____D C:\071ba35009e1d4cf30a4aae9cbaa6d38
2013-11-23 23:22 - 2013-11-23 23:22 - 00000000 ____D C:\e9543240d6ab50ea31d8
2013-11-23 20:06 - 2013-11-23 20:06 - 00000000 ____D C:\582f2f81c0f1e43c7b
2013-11-22 23:49 - 2013-11-22 23:49 - 00000000 ____D C:\d0a2c0c906dc876145
2013-11-22 20:14 - 2013-11-22 20:13 - 00000000 ____D C:\8ff9b76b4740c7c807ed5fbb38c7c04b
2013-11-21 16:00 - 2013-11-21 16:00 - 00000000 ____D C:\02d3fcfe5a3d8f3a10dfa4
2013-11-20 12:39 - 2013-11-20 12:39 - 00000000 ____D C:\9363c2a935b8379f548119f4
2013-11-19 20:12 - 2013-11-19 20:12 - 00000000 ____D C:\697cfff19e563c14ce8c
2013-11-19 16:00 - 2013-11-19 16:00 - 00000000 ____D C:\87961bc9705ac530f6846e159db7875c
2013-11-19 14:32 - 2011-10-31 14:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-19 14:32 - 2011-10-31 13:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-19 13:27 - 2013-11-19 13:26 - 00000000 ____D C:\4abbd5ea847200aa58ceea
2013-11-19 03:33 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-18 19:24 - 2010-09-24 13:00 - 00000000 ____D C:\Users\Khadra Lul\Documents\ITA09b
2013-11-18 19:19 - 2013-11-18 19:18 - 00000000 ____D C:\51482843fb94fc9dd6fb
2013-11-17 17:32 - 2013-11-17 17:32 - 00000000 ____D C:\6d4b79921625547813b271a7277a
2013-11-16 19:13 - 2013-11-16 19:13 - 00000000 ____D C:\d9a82cf27cd141157c26
2013-11-16 16:00 - 2013-11-16 16:00 - 00000000 ____D C:\aa6aecc406c418f48ca785
2013-11-16 12:13 - 2013-11-16 12:13 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{25188984-6E98-486B-857C-887ABF43F49E}
2013-11-16 12:07 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2013-11-15 17:17 - 2013-11-15 17:17 - 00000000 ____D C:\d37e8151e338931ab78b14b4
2013-11-15 13:19 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-15 01:06 - 2013-11-15 00:58 - 00010984 _____ C:\windows\IE11_main.log
2013-11-15 01:00 - 2013-11-15 01:00 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-15 01:00 - 2013-11-15 01:00 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-15 01:00 - 2013-11-15 01:00 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-15 01:00 - 2013-11-15 01:00 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-15 01:00 - 2013-11-15 01:00 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-15 01:00 - 2013-11-15 01:00 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-15 01:00 - 2013-11-15 01:00 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-15 01:00 - 2013-11-15 01:00 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-15 01:00 - 2013-11-15 01:00 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-15 01:00 - 2013-11-15 01:00 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-15 01:00 - 2013-11-15 01:00 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-15 01:00 - 2013-11-15 01:00 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-15 01:00 - 2013-11-15 01:00 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-15 00:57 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2013-11-14 17:51 - 2013-11-14 17:51 - 00000000 ____D C:\347ec1ec4810b03282aff22168
2013-11-13 22:34 - 2013-11-13 22:34 - 00000000 ____D C:\f19992f408e4cdbdeea4
2013-11-13 22:33 - 2013-09-25 09:09 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 22:29 - 2011-11-04 20:17 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-13 22:22 - 2013-11-13 22:11 - 00091456 _____ C:\Users\Khadra Lul\Desktop\DECKBLATT.odt
2013-11-13 18:45 - 2012-11-08 13:39 - 00000000 ____D C:\Users\Khadra Lul\Desktop\Al-Shuraim
2013-11-13 18:22 - 2011-11-16 05:13 - 00000000 ____D C:\Users\Khadra Lul\Documents\Youcam
2013-11-13 17:06 - 2013-11-13 17:06 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{BECEA1A2-F4F2-49AB-8109-BA8CAB68F9B0}
2013-11-13 11:03 - 2013-11-13 11:03 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{51C16451-8550-434E-9D34-A063D0E6697B}
2013-11-12 20:25 - 2013-11-12 20:25 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{71D232B8-05F7-4FD8-89D9-A9B154436A5A}
2013-11-12 20:24 - 2013-11-12 20:24 - 00000000 ____D C:\Users\Khadra Lul\AppData\Local\{A7CF5A33-C9C5-4650-97E9-1ECBC9F79E26}
2013-11-12 12:36 - 2013-05-19 20:14 - 00000000 ____D C:\eclipse
2013-11-09 13:39 - 2013-11-09 13:39 - 00000535 _____ C:\Users\Khadra Lul\Desktop\Taschenrechner.txt

Files to move or delete:
====================
C:\ProgramData\00etadpu.pad
C:\ProgramData\nud0repor.pad


Some content of TEMP:
====================
C:\Users\Khadra Lul\AppData\Local\Temp\atl100.dll
C:\Users\Khadra Lul\AppData\Local\Temp\BackupSetup.exe
C:\Users\Khadra Lul\AppData\Local\Temp\IERunner.dll
C:\Users\Khadra Lul\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Khadra Lul\AppData\Local\Temp\msvcp100.dll
C:\Users\Khadra Lul\AppData\Local\Temp\msvcr100.dll
C:\Users\Khadra Lul\AppData\Local\Temp\procexp64.exe
C:\Users\Khadra Lul\AppData\Local\Temp\Quarantine.exe
C:\Users\Khadra Lul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Khadra Lul\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Khadra Lul\AppData\Local\Temp\vpnclient_setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-21 10:33

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

hier die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-12-2013 03
Ran by Khadra Lul at 2013-12-09 17:07:29
Running from F:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (x32 Version: 15.4.5722.2)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (x32 Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
AMD APP SDK Runtime (Version: 2.4.595.9)
AMD VISION Engine Control Center (x32 Version: 2011.0526.27.42091)
Atheros Client Installation Program (x32 Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.820.0)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Catalyst Control Center InstallProxy (x32 Version: 2011.0526.27.42091)
Catalyst Control Center Localization All (x32 Version: 2011.0526.27.42091)
CCC Help Chinese Standard (x32 Version: 2011.0526.0026.42091)
CCC Help English (x32 Version: 2011.0526.0026.42091)
CCC Help French (x32 Version: 2011.0526.0026.42091)
CCC Help German (x32 Version: 2011.0526.0026.42091)
CCC Help Italian (x32 Version: 2011.0526.0026.42091)
CCC Help Japanese (x32 Version: 2011.0526.0026.42091)
CCC Help Portuguese (x32 Version: 2011.0526.0026.42091)
CCC Help Spanish (x32 Version: 2011.0526.0026.42091)
ccc-utility64 (Version: 2011.0526.27.42091)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
CyberLink Media Suite (x32 Version: 8.0.2227)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00)
CyberLink MediaShow (x32 Version: 5.0.1130a)
CyberLink Power2Go (x32 Version: 6.1.3802)
CyberLink PowerDirector (x32 Version: 8.0.3306)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DMUninstaller (x32)
Dotfuscator Software Services - Community Edition - DEU (x32 Version: 5.0.2300.0)
Dotfuscator Software Services - Community Edition (x32 Version: 5.0.2500.0)
Dropbox (HKCU Version: 2.4.6)
DVDVideoSoftTB DE Toolbar (HKCU Version: 10.14.0.144)
Easy Content Share (x32 Version: 1.0)
Easy Migration (x32 Version: 1.0)
EasyFileShare (x32 Version: 1.0.13)
Eco Mode (x32 Version: 1.0.0.11)
ETDWare PS/2-X64 10.0.7.2_WHQL (Version: 10.0.7.2)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
GinyasBrowserCompanion (x32)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2813041) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2813041) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2529927) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2548139) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2549864) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2635973) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2813041) (x32 Version: 1)
Intel PROSet Wireless (x32)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) SE Development Kit 6 Update 35 (x32 Version: 1.6.0.350)
Kontrola Windows Live Mesh ActiveX za daljinske veze (x32 Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
LuPO 1.0.2.45 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK - Deutsch (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.50826.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (x32 Version: 10.50.1752.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 de (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (ARP entry) (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Redists) (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Shared Components) (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Visual Studio) (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Documentation (x32 Version: 4.0.20823.0)
Microsoft XNA Game Studio Platform Tools (x32 Version: 1.3.0.0)
MSVCRT (x32 Version: 15.4.2862.0708)
Multimedia POP (x32 Version: 1.1)
MySQL Connector Net 6.4.4 (x32 Version: 6.4.4)
Netscape Navigator (9.0.0.6) (x32 Version: 9.0.0.6 (en-US))
Notepad++ (x32 Version: 6.2)
Optimizer Pro v3.2 (x32) <==== ATTENTION
PhoneShare (x32 Version: 9.1.4)
Pixum Fotobuch (x32 Version: 5.0.1)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
PSPad editor (x32)
PSPad Toolbar (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6400)
Samsung AnyWeb Print (x32 Version: 2.0.67.1)
Samsung Control Center (x32 Version: 1.0)
Samsung Printer Live Update (x32)
Samsung Recovery Solution 5 (x32 Version: 5.0.1.3)
Samsung Support Center 1.0 (x32 Version: 1.1.38)
Samsung Universal Print Driver (x32 Version: 2.02.05.00:27)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
Samsung Update Plus (x32 Version: 3.0.1.17)
Savings Sidekick (x32 Version: 1.23.151.151)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
Shrew Soft VPN Client
Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (x32 Version: 1)
Sicherheitsupdate für Microsoft Visual Studio 2010 Ultimate - DEU (KB2645410) (x32 Version: 1)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.10 (x32 Version: 6.10.104)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
TeamViewer 7 (x32 Version: 7.0.12280)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.3.5500.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
User Guide (x32 Version: 1.0)
VideoPlayer v2.0.6 (x32 Version: v2.0.6)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)
VPN Client (x32)
WCF RIA Services V1.0 SP1 (x32 Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX kontrola za daljinske veze (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
WordCaptureX Pro (x32 Version: 4.0.0)
WPM17.8.0.3159 (x32 Version: 17.8.0.3159)
XAMPP 1.7.7 (x32)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (x32 Version: 15.4.5722.2)
원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤 (x32 Version: 15.4.5722.2)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (x32 Version: 15.4.5722.2)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {058A8357-CE78-4F18-A8B7-C44EC2F35A11} - System32\Tasks\Feven 1.5-firefoxinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-firefoxinstaller.exe
Task: {065C0322-A141-417F-A707-6595D9CE05DC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000Core => C:\Users\Khadra Lul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {11EE5FD4-E46E-4D3E-BE64-5D42B308EC2F} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {146831AB-977B-4466-A37C-8132E2964E9C} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Samsung Control Center\EBM\EasyBatteryMgr4.exe [2011-05-09] (SAMSUNG Electronics co., LTD.)
Task: {2D0B4942-5AB8-441F-AB41-FB34A50DDDB1} - System32\Tasks\SvcDelay => C:\Windows\temp\SvcDelay.exe
Task: {5068E459-E368-4213-B180-05C51376728E} - \DealPlyUpdate No Task File
Task: {58CF43F9-E85E-4456-B930-77B8C686B87C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {5A54FB9D-F175-4DF7-834F-D68B9378949D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {68371DF3-A873-47B2-B5DB-5CDD25C0DD86} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {6BB86ADB-F46E-4783-A6D1-680301927677} - System32\Tasks\EcoMode => C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe [2011-06-06] (Samsung Electronics)
Task: {81B46C8D-F2F6-43A2-A560-F23BA244C322} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-03-29] (SEC)
Task: {8DE93BA1-ECE0-4A07-BD4B-7B4F402F782E} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {91F305C2-7AAC-4AD1-A2D7-18F2778CAE0E} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe [2011-02-16] (Samsung Electronics Co., Ltd.)
Task: {999E5894-6670-4EB0-BC3F-3EFEA69D74B8} - System32\Tasks\Feven 1.5-updater => C:\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe
Task: {A3022CE0-9D49-4AFB-A9DD-249A42858FAF} - System32\Tasks\{1FDFB76D-2430-4F25-BC54-5791FA3DB5CF} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {BD9FC24B-4CA7-46E5-8D2B-6D431623AC67} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {C5F246C3-01C1-4425-9059-361BB99B99F1} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe [2011-06-04] (Samsung Electronics Co., Ltd.)
Task: {C64CDF68-B8D6-4E52-8E0E-B201ED5C27C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000UA => C:\Users\Khadra Lul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {C9977C9E-446C-484C-87AA-A4AEC6FB3895} - System32\Tasks\Feven 1.5-chromeinstaller => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe
Task: {CDBD29EE-1DB9-4688-A825-1AAD9672AB27} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {DC4097BB-80E7-4AA8-8677-2016C868A029} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe [2011-04-14] (Samsung Electronics Co., Ltd.)
Task: {E421491A-7716-4C68-BED2-647801B9736A} - System32\Tasks\Feven 1.5-codedownloader => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe
Task: {E4AE965F-823D-4E78-A7B3-DA31DF503BF7} - System32\Tasks\Feven 1.5-enabler => C:\Program Files (x86)\Feven 1.5\Feven 1.5-enabler.exe
Task: {E69545C2-A3B7-4E78-8563-A33D8EB77554} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {EA9AD490-377C-4893-990C-B638421AF152} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-14] (CyberLink)
Task: {F68CB0E6-6991-4A72-BDAF-4C3CE9DB6C76} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000Core.job => C:\Users\Khadra Lul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000UA.job => C:\Users\Khadra Lul\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-05-25 16:25 - 2011-05-25 16:25 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-04 13:02 - 2013-10-29 14:08 - 02869720 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Khadra Lul\AppData\Roaming\Dropbox\bin\libcef.dll
2011-07-21 05:21 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\HookDllPS2.dll
2011-07-21 05:21 - 2011-02-16 17:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\WinCRT.dll
2011-07-21 05:27 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2013 05:00:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/09/2013 04:42:15 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\AVAST Software\Avast\setup\avast.setup Files\AVAST Software\Avast\setup\avast.setup"  /uninstwiz ; Beschreibung = avast! Free Antivirus Setup; Fehler = 0x8007043c).

Error: (12/09/2013 04:22:29 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/09/2013 04:19:11 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/09/2013 04:00:55 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x8004231f).

Error: (12/09/2013 03:44:42 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/09/2013 01:48:47 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2013 10:05:58 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2013 10:03:38 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Visual Studio 2010 Ultimate - DEU -- Disk full: Nicht genügend freier Speicher auf dem Datenträger -- Volume: D:; benötigter Speicher: 39.584 KB; verfügbarer Speicher: 7.880 KB. Geben Sie Speicherplatz frei, und wiederholen Sie den Vorgang.

Error: (12/08/2013 10:03:38 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Visual Studio 2010 Ultimate - DEU -- Disk full: Nicht genügend freier Speicher auf dem Datenträger -- Volume: D:; benötigter Speicher: 39.584 KB; verfügbarer Speicher: 7.880 KB. Geben Sie Speicherplatz frei, und wiederholen Sie den Vorgang.


System errors:
=============
Error: (12/09/2013 04:56:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (12/09/2013 04:52:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:52:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:42:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:25:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (12/09/2013 04:21:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (12/09/2013 05:00:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2013 04:42:15 PM) (Source: System Restore)(User: )
Description: C:\Program Files\AVAST Software\Avast\setup\avast.setup Files\AVAST Software\Avast\setup\avast.setup"  /uninstwiz avast! Free Antivirus Setup0x8007043c

Error: (12/09/2013 04:22:29 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2013 04:19:11 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2013 04:00:55 PM) (Source: System Restore)(User: )
Description: C:\windows\system32\svchost.exe -k netsvcsWindows Update0x8004231f

Error: (12/09/2013 03:44:42 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2013 01:48:47 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2013 10:05:58 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2013 10:03:38 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Produkt: Microsoft Visual Studio 2010 Ultimate - DEU -- Disk full: Nicht genügend freier Speicher auf dem Datenträger -- Volume: D:; benötigter Speicher: 39.584 KB; verfügbarer Speicher: 7.880 KB. Geben Sie Speicherplatz frei, und wiederholen Sie den Vorgang.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/08/2013 10:03:38 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Produkt: Microsoft Visual Studio 2010 Ultimate - DEU -- Disk full: Nicht genügend freier Speicher auf dem Datenträger -- Volume: D:; benötigter Speicher: 39.584 KB; verfügbarer Speicher: 7.880 KB. Geben Sie Speicherplatz frei, und wiederholen Sie den Vorgang.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 5611.81 MB
Available physical RAM: 3848.85 MB
Total Pagefile: 6354.3 MB
Available Pagefile: 4293.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230 GB) (Free:0.99 GB) NTFS
Drive d: () (Fixed) (Total:342.9 GB) (Free:0.01 GB) NTFS
Drive f: () (Removable) (Total:0.97 GB) (Free:0.8 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: C469F6B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=343 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

========================================================
Disk: 1 (Size: 1000 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)

==================== End Of Log ============================

zudem habe ich verdächtige Dienste gefunden: Optimizer Pro Crash Monitoer, Cisco und Cyberlink Rich Video Service.

zudem habe ich 3 verdächtige Dienste gefunden: Optomizer Pro Crash Monitor, Cyberlink rich Video Service und Cisco. Sowie ein komisches Programm, nennt sich Feven 1.5.
Falls jemand damit was anfangen kann...

außerdem ist es so, dass es anzeigt wird, dass der gesamte Speicher auf der Festplatte C und D besetzt sind. Das kann aber natürlich nicht sein, dass über 400 GB besetzt sind! Wie macht es das?

cosinus · 10.12.2013, 09:33

Was ist mit meiner Frage nach bisherigen Funden, irgenwelche schonmal da gewesen wenn ja wo sind die Logs dazu?

Zitat:

außerdem ist es so, dass es anzeigt wird, dass der gesamte Speicher auf der Festplatte C und D besetzt sind. Das kann aber natürlich nicht sein, dass über 400 GB besetzt sind! Wie macht es das?

Das ist ein ganz anderes Problem. Erstmal muss der Rechner entseucht werden!

Alamo · 10.12.2013, 15:09

Ja AdwCleaner hat was gefunden.
hier das AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.001 - Report created 09/12/2013 at 17:16:28
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username :**********-PC
# Running from : C:\Users\************
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Found : C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
Folder Found : C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Folder Found C:\Program Files (x86)\Astroburn Toolbar
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Program Files (x86)\DealPly
Folder Found C:\Program Files (x86)\GinyasBrowserCompanion
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup 
Folder Found C:\Program Files (x86)\optimizer pro
Folder Found C:\Program Files (x86)\Savings Sidekick
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\IBUpdaterService
Folder Found C:\ProgramData\InstallMate
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Found C:\ProgramData\Premium
Folder Found C:\Users\Khadra Lul\AppData\Local\Babylon
Folder Found C:\Users\Khadra Lul\AppData\Local\Conduit
Folder Found C:\Users\Khadra Lul\AppData\Local\Savings Sidekick
Folder Found C:\Users\Khadra Lul\AppData\Local\TempDir
Folder Found C:\Users\Khadra Lul\AppData\LocalLow\bbrs_002.tb
Folder Found C:\Users\Khadra Lul\AppData\LocalLow\Toolbar4
Folder Found C:\Users\Khadra Lul\AppData\Roaming\Babylon
Folder Found C:\Users\Khadra Lul\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\Users\Khadra Lul\AppData\Roaming\GinyasBrowserCompanion
Folder Found C:\Users\Khadra Lul\AppData\Roaming\OpenCandy
Folder Found C:\Users\Khadra Lul\AppData\Roaming\optimizer pro
Folder Found C:\Users\Khadra Lul\Documents\optimizer pro
Folder Found C:\Users\KHADRA~1\AppData\Local\Temp\Conduit
Folder Found C:\Users\KHADRA~1\AppData\Local\Temp\OCS

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Savings Sidekick
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Blabbers
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F970FDE-702B-4EF9-920C-5F2848A5AF26}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\OCS
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto Toolbar
Key Found : [x64] HKCU\Software\Blabbers
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F970FDE-702B-4EF9-920C-5F2848A5AF26}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : [x64] HKCU\Software\OCS
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Somoto Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BFlix
Key Found : HKLM\Software\BrowserCompanion
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5555CC4C-FA2B-4D69-8296-B6AE5E95C0B7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Key Found : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{63BEF061-5EFC-4753-9806-ED0573BC7C4B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Key Found : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Key Found : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Key Found : HKLM\Software\DealPly
Key Found : HKLM\Software\GinyasBrowserCompanion
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E44BB13-2523-468B-BF51-58D5F52A84F6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk(1)_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk(1)_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://www.bigseekpro.com/pspad/{6ba1f49a-3068-454e-9361-634ced6dde50}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www.bigseekpro.com/pspad/{6BA1F49A-3068-454E-9361-634CED6DDE50}?s_src=newtab

-\\ Google Chrome v

Wie man in der 3. letzten Zeile erkennen kann: Optimizer Pro. Das muss es doch in Verbindung damit sein oder? Ich hab zurzeit jede Menge mit Studium zu tun und Morgen Praktikum, deswegen kann ich heute leider nicht Malware drüberlaufen lassen. Ich kann sie aber darum bitten das mal zu tun.

und das hat AdwCleaner gelöscht:

Code:

ATTFilter

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Program Files (x86)\Astroburn Toolbar
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\GinyasBrowserCompanion
Folder Deleted : C:\Program Files (x86)\MyPC Backup 
[!] Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\Savings Sidekick
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Khadra Lul\AppData\Local\Babylon
Folder Deleted : C:\Users\Khadra Lul\AppData\Local\Conduit
Folder Deleted : C:\Users\Khadra Lul\AppData\Local\Savings Sidekick
Folder Deleted : C:\Users\Khadra Lul\AppData\Local\TempDir
Folder Deleted : C:\Users\KHADRA~1\AppData\Local\Temp\Conduit
Folder Deleted : C:\Users\KHADRA~1\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\Khadra Lul\AppData\LocalLow\bbrs_002.tb
Folder Deleted : C:\Users\Khadra Lul\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Khadra Lul\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Khadra Lul\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Khadra Lul\AppData\Roaming\GinyasBrowserCompanion
Folder Deleted : C:\Users\Khadra Lul\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Khadra Lul\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Khadra Lul\Documents\optimizer pro
Folder Deleted : C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
File Deleted : C:\END
File Deleted : C:\Users\Khadra Lul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Key Deleted : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Key Deleted : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Key Deleted : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk(1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk(1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_java-se-development-kit-jdk_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5555CC4C-FA2B-4D69-8296-B6AE5E95C0B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{63BEF061-5EFC-4753-9806-ED0573BC7C4B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E44BB13-2523-468B-BF51-58D5F52A84F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F970FDE-702B-4EF9-920C-5F2848A5AF26}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Savings Sidekick
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BFlix
Key Deleted : HKLM\Software\BrowserCompanion
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\GinyasBrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Google Chrome v

[ File : C:\Users\Khadra Lul\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18106 octets] - [09/12/2013 17:16:28]
AdwCleaner[S0].txt - [17413 octets] - [09/12/2013 17:21:57]

Ich weiß, dass Avast 12 Sachen gefunden hat, hab aber irgendwie kein Logfile dazu, sorry. Legt Avast es irgendwo automatisch an?

EDIT: Macht es einen großen Unterschied ob ich die Scans im abgesicherten Modus oder im normalen Modus starte?

cosinus · 10.12.2013, 15:30

Zitat:

Ich weiß, dass Avast 12 Sachen gefunden hat, hab aber irgendwie kein Logfile dazu, sorry. Legt Avast es irgendwo automatisch an?

Schau nach in C:\ProgramData\AVAST Software\Avast\log

Alamo · 10.12.2013, 21:04

Ich hab der Kollegin gebitten nachzugucken und mir zu senden. Lässt sich irgendwas aus dem zurzeit Bekannten gewinnen?

cosinus · 10.12.2013, 21:07

Ich seh da Reste von einem ransom, also vermutlichen Sperrbildschirm-Trojaner, der Geld verlangt. Das Log würde ich trotzdem schon gerne sehen bevor wir weitermachen

Alamo · 10.12.2013, 22:06

ok, die Logfile lässt auf sich warten. Ihr PC hängt wieder. Ich hab sie gebeten im abgesicherten Mouds zu gucken ob sich der Dienst wieer selbst aktiviert hat, und alles scannen zu lassen. Es war vermutlich ein Fehler den Dienst vorhin auszuschalten bevor ich die ganzen Scans durchlaufen gelassen hab... aber da wir müde sind und ich Morgen eine wichtige Prüfuzng hab, vertagen wir es dann wohl. Was ist hier die allgemeine meinug über Sysinternals Programme? Ich habe ihr welche draufgepackt.

Generell: abgesehen von den Logfile den ich noch senden muss, was epfehlt ihr uns, wie wir da am besten vorgehen sollen?

cosinus · 10.12.2013, 22:38

Moment mal, geben wir jetzt über zwei Orte remote Support oder wie?

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Alamo · 21.12.2013, 13:38

dieses Thema kann geschlossen werde. Problem beseitigt. Danke cosinus für die Hilfe

09.12.2013, 00:19	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PC ist stark befallen. Suche Programm/e, mit dem man Viren und andere Schädlinge entfernen kann. (Extern über Stick) Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags) __________________ Logfiles bitte immer in CODE-Tags posten

10.12.2013, 21:07	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PC ist stark befallen. Suche Programm/e, mit dem man Viren und andere Schädlinge entfernen kann. (Extern über Stick) Ich seh da Reste von einem ransom, also vermutlichen Sperrbildschirm-Trojaner, der Geld verlangt. Das Log würde ich trotzdem schon gerne sehen bevor wir weitermachen __________________ Logfiles bitte immer in CODE-Tags posten

PC ist stark befallen. Suche Programm/e, mit dem man Viren und andere Schädlinge entfernen kann. (Extern über Stick)

Plagegeister aller Art und deren Bekämpfung: PC ist stark befallen. Suche Programm/e, mit dem man Viren und andere Schädlinge entfernen kann. (Extern über Stick)