Pests of all kinds and how to fight them: Suspected malware (Win7, not urgent)
10.12.2013, 16:25 | #1 |
Hello,

my girlfriend's computer shows the following symptoms:

1) Websites freeze several times a day without the usual error messages, even without browser plugins (IE10, Win7 Prof. 64-bit)
2) An increase in scam mails of all kinds (PayPal, cease-and-desist notices, ...)
3) Regular scans with Comodo Internet Security show, so to speak, "nothing"

Perhaps you can help me avoid a complete reinstall?

Kind regards,
Alois

Edited by Alois S (10.12.2013 at 16:31)
10.12.2013, 16:48 | #2 |
/// the machine /// TB trainer

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
10.12.2013, 17:31 | #3 |
Hello "schrauber",

here you go: FRST Logfile:
==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-10 00:33 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- and: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013 Ran by Evelyn at 2013-12-10 17:21:16 Running from C:\Users\Evelyn\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: COMODO Antivirus (Disabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: COMODO Defense+ (Disabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB} ==================== Installed Programs ====================== 7-Zip 4.62 (x32) 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe AIR (x32 Version: 3.9.0.1210) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Alcor Micro USB Card Reader (x32 Version: 4.7.1245.73473) AMD Accelerated Video Transcoding (Version: 12.10.100.30328) AMD Catalyst Install Manager (Version: 8.0.911.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.80328.2204) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Ashampoo Magical Defrag 3 (x32 Version: 3.0.2) Ashampoo UnInstaller 4 v.4.30 (x32 Version: 4.3.0) Ashampoo UnInstaller 4.04 (x32 Version: 4.0.4) Ashampoo WinOptimizer 6.60 (x32 Version: 6.6.0) Ashampoo WinOptimizer 9 v.9.2.0 (x32 Version: 9.2.0) AudioAdvantageMicro (x32 Version: 1.01.01.02) Bonjour (Version: 3.0.0.10) Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 14.2.4.1) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Comodo Dragon (x32 Version: 30.0.0.0) COMODO Internet Security (Version: 5.10.31649.2253) DAEMON Tools Lite (x32 Version: 4.45.4.0314) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) 
FRITZ!DSL64 GeekBuddy (x32 Version: 4.9.69) GetDataBack for NTFS (x32 Version: 4.25.000) Intel(R) Management Engine Components (x32 Version: 9.5.14.1724) Intel(R) Rapid Storage Technology (Version: 12.8.2.1000) Intel® Trusted Connect Service Client (Version: 1.28.487.1) Internet Explorer (Enable DEP) IrfanView (remove only) (x32 Version: 4.36) iTunes (Version: 11.1.0.126) Java 7 Update 45 (x32 Version: 7.0.450) K-Lite Mega Codec Pack 8.8.0 (x32 Version: 8.8.0) LiveUpdate 3.2 (Symantec Corporation) (x32 Version: 3.2.0.68) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000) Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000) Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000) Microsoft Office Word MUI (German) 2010 (x32 Version: 
14.0.7015.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MPC-HC 1.7.0 (x32 Version: 1.7.0.7858) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Nero 8 Ultra Edition HD (x32 Version: 8.3.465) neroxml (x32 Version: 1.0.0) Norton Ghost (x32 Version: 15.0.0.35659) Oblivion (x32 Version: 1.00.0000) PTBSync (Atomuhr Synchronisation & Terminkalender) (x32 Version: 5.7c) QuickTime (x32 Version: 7.74.80.86) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6650) Realtek High Definition Audio Driver (x32 Version: 6.0.1.7027) Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32) SmartPhoto P60 (x32 Version: V3.1.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 
Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) VCRedistSetup (x32 Version: 1.0.0) VLC media player 2.1.1 (x32 Version: 2.1.1) ==================== Restore Points ========================= 29-11-2013 07:42:09 Geplanter Prüfpunkt 02-12-2013 01:39:42 BASIS 09-12-2013 07:52:12 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {E3C74428-C86C-4250-B2CF-8C1406389C8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 
_____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-18 01:13 - 2009-12-17 20:39 - 03614016 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\ash_inet2.dll 2013-09-18 23:39 - 2009-03-02 14:50 - 00135168 _____ () C:\Program Files (x86)\Plustek\SmartPhoto P60\DigiPhotoRes.dll 2013-09-18 23:39 - 2004-04-06 17:45 - 00040960 _____ () C:\Program Files (x86)\Plustek\SmartPhoto P60\DetectSession.dll 2013-09-18 00:47 - 2013-08-28 01:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/10/2013 07:37:45 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x560 Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0 Pfad der fehlerhaften Anwendung: dragon_updater.exe1 Pfad des fehlerhaften Moduls: dragon_updater.exe2 Berichtskennung: dragon_updater.exe3 Error: (12/10/2013 00:30:33 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (12/10/2013 00:30:33 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (12/10/2013 00:30:31 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (12/09/2013 07:38:30 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00042a31 ID des fehlerhaften Prozesses: 0x554 Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0 Pfad der fehlerhaften Anwendung: dragon_updater.exe1 Pfad des fehlerhaften Moduls: dragon_updater.exe2 Berichtskennung: dragon_updater.exe3 Error: (12/09/2013 08:20:39 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x02257c98 ID des fehlerhaften Prozesses: 0x6bc Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0 Pfad der fehlerhaften Anwendung: dragon_updater.exe1 Pfad des fehlerhaften Moduls: dragon_updater.exe2 Berichtskennung: dragon_updater.exe3 Error: (12/09/2013 08:12:42 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (12/09/2013 08:12:31 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (12/09/2013 08:12:30 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (12/09/2013 01:07:26 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors: ============= Error: (12/10/2013 07:37:46 AM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/10/2013 06:17:28 AM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x80004005 Error: (12/09/2013 08:19:14 PM) (Source: BROWSER) (User: ) Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}" zu oft fehl. Der Sicherungssuchdienst wird beendet. 
Error: (12/09/2013 07:38:33 PM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/09/2013 08:20:42 AM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/08/2013 01:09:08 PM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/08/2013 06:56:27 AM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/08/2013 06:53:44 AM) (Source: DCOM) (User: ) Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575} Error: (12/07/2013 07:03:52 AM) (Source: Service Control Manager) (User: ) Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/07/2013 01:53:33 AM) (Source: BROWSER) (User: ) Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}" zu oft fehl. Der Sicherungssuchdienst wird beendet. 
Microsoft Office Sessions: ========================= Error: (12/10/2013 07:37:45 AM) (Source: Application Error)(User: ) Description: dragon_updater.exe0.0.0.05280dfa3unknown0.0.0.000000000c00000050000000056001cef566ff56976aC:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeunknown936346ac-6165-11e3-a9d5-782bcbac6327 Error: (12/10/2013 00:30:33 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe Error: (12/10/2013 00:30:33 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe Error: (12/10/2013 00:30:31 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe Error: (12/09/2013 07:38:30 PM) (Source: Application Error)(User: ) Description: dragon_updater.exe0.0.0.05280dfa3ole32.dll6.1.7601.175144ce7b96fc000000500042a3155401cef50875395e81C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeC:\Windows\syswow64\ole32.dll1925aff0-6101-11e3-a231-782bcbac6327 Error: (12/09/2013 08:20:39 AM) (Source: Application Error)(User: ) Description: dragon_updater.exe0.0.0.05280dfa3unknown0.0.0.000000000c000000502257c986bc01cef4a20f1969d0C:\Program 
Files (x86)\Comodo\Dragon\dragon_updater.exeunknown676250dd-60a2-11e3-9022-782bcbac6327 Error: (12/09/2013 08:12:42 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe Error: (12/09/2013 08:12:31 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe Error: (12/09/2013 08:12:30 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe Error: (12/09/2013 01:07:26 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe ==================== Memory info =========================== Percentage of memory in use: 21% Total physical RAM: 12270.45 MB Available physical RAM: 9612.19 MB Total Pagefile: 24539.07 MB Available Pagefile: 21545.23 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives 
================================ Drive c: () (Fixed) (Total:1001.43 GB) (Free:956.67 GB) NTFS Drive d: (DATEN) (Fixed) (Total:1397.26 GB) (Free:1113.45 GB) NTFS Drive e: (PROGRAMME) (Fixed) (Total:382.81 GB) (Free:275.42 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 40000000) Partition 1: (Not Active) - (Size=267 MB) - (Type=DE) Partition 2: (Active) - (Size=13 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1001 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=383 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 521402D6) Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS) ==================== End Of Log ============================ and as I said - there is no hurry...... Thanks and best regards from Alois Edited by Alois S (10.12.2013 at 17:59) |
11.12.2013, 10:07 | #4 |
/// the machine /// TB instructor | Suspected malware (Win7, not urgent) There is nothing you can do about the mails, other than changing the mail address. The machine looks OK so far. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
12.12.2013, 10:51 | #5 |
| Suspected malware (Win7, not urgent) ------------------------------------------------------------------------------------------------------------------------- Hello schrauber, hm - everything came back without any findings, so I am posting only the FRST log here (it shows that I ran everything); if you like, I will of course also post the 3 other logs, OK? FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Evelyn (administrator) on DELLA on 11-12-2013 17:35:14
Running from C:\Users\Evelyn\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Symantec Corporation) D:\GHOST\Agent\VProSvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
() C:\Program Files (x86)\Plustek\SmartPhoto P60\DigiPhoto.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Voyetra Turtle Beach, Inc.) C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) D:\GHOST\Agent\VProTray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
(Symantec) D:\GHOST\Shared\Drivers\SymSnapServicex64.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragmonitorservice.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragactivitymonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe [2883456 2012-05-14] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKCU\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-12-12] (Nero AG)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
MountPoints2: {03e891f0-1fe5-11e3-af7d-806e6f6e6963} - F:\autoRcd.exe
HKLM-x32\...\Run: [Turtle Beach Audio Advantage Micro] - C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe [1654784 2009-08-30] (Voyetra Turtle Beach, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [DefragTaskBar] - C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe [927072 2009-12-16] ()
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Norton Ghost 15.0] - D:\GHOST\Agent\VProTray.exe [2596712 2009-10-01] (Symantec Corporation)
HKLM-x32\...\Run: [tvncontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs: C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Evelyn\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
BootExecute: autocheck autochk * DfSDKBt

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87DE93B1D0C5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{DC4B6AD0-A5E1-4DF2-9500-170112465B76}: [NameServer]8.26.56.26,156.154.70.22

==================== Services (Whitelisted) =================

R2 Ashampoo Defrag Service; C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe [890208 2009-12-16] ()
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-29] (Broadcom Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-09-19] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2013-11-11] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
S3 GenericMount Helper Service; D:\GHOST\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
R2 Norton Ghost; D:\GHOST\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R3 SymSnapService; D:\GHOST\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] ()

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-18] (DT Soft Ltd)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-28] (Intel Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-18] (Duplex Secure Ltd.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft) R3 USBAU; C:\Windows\System32\drivers\CM10264.sys [1306624 2009-09-08] (C-Media Electronics Inc) R3 usbscan; C:\Windows\SysWow64\drivers\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation) R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-11-08] (OpenLibSys.org) U2 V2iMount; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-11 17:35 - 2013-12-11 17:35 - 00012702 _____ C:\Users\Evelyn\Desktop\FRST.txt 2013-12-11 17:30 - 2013-12-11 17:30 - 00000000 ____D C:\Windows\ERUNT 2013-12-11 17:25 - 2013-12-11 17:25 - 01928212 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST64.exe 2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Malwarebytes 2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-11 15:51 - 2013-12-11 17:28 - 00000168 _____ C:\Windows\setupact.log 2013-12-11 15:51 - 2013-12-11 15:51 - 00000000 _____ C:\Windows\setuperr.log 2013-12-11 15:27 - 2013-12-11 15:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2013-12-11 15:26 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2013-12-11 15:26 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2013-12-11 15:26 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2013-12-11 15:26 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-12-11 15:26 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2013-12-11 15:26 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RTCOM64.dll 2013-12-11 15:26 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2013-12-11 15:26 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2013-12-11 15:26 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2013-12-11 15:26 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2013-12-11 15:26 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2013-12-11 15:26 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2013-12-11 15:26 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-12-11 15:26 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2013-12-11 15:26 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2013-12-11 15:25 - 2013-09-26 21:40 - 01993496 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll 2013-12-11 15:25 - 2013-09-26 21:40 - 01722648 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll 2013-12-11 15:25 - 2013-07-30 14:04 - 00397080 _____ (Creative Technology Ltd.) 
C:\Windows\system32\MBWrp64.dll 2013-12-11 15:25 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2013-12-11 15:25 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2013-12-11 15:25 - 2011-12-16 14:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll 2013-12-11 15:25 - 2009-11-18 07:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll 2013-12-11 15:24 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2013-12-11 15:24 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-12-11 15:24 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2013-12-11 15:24 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2013-12-11 15:20 - 2013-12-11 15:20 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-12-11 15:18 - 2013-12-11 15:18 - 00000000 ____D C:\ProgramData\ATI 2013-12-11 15:17 - 2013-12-11 15:17 - 00055617 _____ C:\Windows\SysWOW64\CCCInstall_201312111517229528.log 2013-12-11 15:17 - 2013-12-11 15:17 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-12-11 15:11 - 2013-12-11 15:12 - 00000000 ____D C:\ProgramData\Package Cache 2013-12-11 01:09 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-11 01:09 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-11 01:09 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 01:09 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 01:07 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-11 01:07 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb 2013-12-11 01:06 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-11 01:06 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-11 01:06 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-11 01:06 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-11 01:06 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-11 01:06 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-11 01:06 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-11 01:06 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-11 01:06 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 
2013-12-11 01:06 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 01:06 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-11 01:06 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-11 01:06 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-11 01:02 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 01:02 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-11 01:02 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 01:02 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 01:02 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 01:02 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-11 01:02 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 01:02 - 
2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 01:02 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 01:02 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 01:02 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 01:02 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-11 01:02 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 01:02 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 01:02 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 01:02 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 01:02 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 01:02 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 01:02 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-10 22:58 - 2013-12-10 22:58 - 05120000 _____ C:\Users\Evelyn\Downloads\Weiss_118.pps 2013-12-10 22:54 - 2013-12-10 22:54 - 02158592 _____ C:\Users\Evelyn\Downloads\Mann_und_Frau6.pps 2013-12-10 22:53 - 2013-12-10 22:53 - 05028249 _____ C:\Users\Evelyn\Downloads\Bij_de_chinees11.wmv 2013-12-10 22:52 - 2013-12-10 22:52 - 03251750 _____ C:\Users\Evelyn\Downloads\ohrfeige_in_zeitlupe.avi 2013-12-10 22:39 - 2013-12-10 22:39 - 01690624 _____ C:\Users\Evelyn\Downloads\Frohe_Weihnachtszeit.pps 2013-12-10 22:31 - 2013-12-10 22:31 - 03754496 _____ C:\Users\Evelyn\Downloads\Licht.pps 2013-12-10 17:20 - 2013-12-10 17:20 - 00000000 ____D C:\FRST 2013-12-09 21:08 - 2013-12-09 21:08 - 08135605 _____ 
C:\Users\Evelyn\Downloads\Krabben_.ppsx 2013-12-09 21:06 - 2013-12-09 21:06 - 14337701 _____ C:\Users\Evelyn\Downloads\Vossen.ppsx 2013-12-09 21:04 - 2013-12-09 21:04 - 05800848 _____ C:\Users\Evelyn\Downloads\An_der_Schlei.ppsx 2013-12-09 20:55 - 2013-12-09 20:55 - 05685711 _____ C:\Users\Evelyn\Downloads\oh_diese_Musik.wmv 2013-12-09 20:51 - 2013-12-09 20:51 - 00963072 _____ C:\Users\Evelyn\Downloads\EgalwoDubist.pps 2013-12-08 21:45 - 2013-12-08 21:45 - 14957500 _____ C:\Users\Evelyn\Downloads\Vis_1.ppsx 2013-12-08 21:44 - 2013-12-08 21:44 - 10905257 _____ C:\Users\Evelyn\Downloads\Bloemen_9.ppsx 2013-12-08 21:42 - 2013-12-08 21:42 - 00376320 _____ C:\Users\Evelyn\Downloads\Antiquus_1095_-_Cartoon041_oe_Nach_der_Arbeit.pps 2013-12-08 21:40 - 2013-12-08 21:41 - 06925278 _____ C:\Users\Evelyn\Downloads\ATT00197.wmv 2013-12-08 18:45 - 2013-12-08 18:45 - 02574848 _____ C:\Users\Evelyn\Downloads\HUND_KATZE.pps 2013-12-08 18:23 - 2013-12-08 18:23 - 01870848 _____ C:\Users\Evelyn\Downloads\Wohlfuehlgedanken_8.pps 2013-12-07 23:47 - 2013-12-07 23:47 - 02818560 _____ C:\Users\Evelyn\Downloads\Kleinwagen.pps 2013-12-07 23:47 - 2013-12-07 23:47 - 02613760 _____ C:\Users\Evelyn\Downloads\Bischof-1.pps 2013-12-07 19:29 - 2013-12-07 19:29 - 00900096 _____ C:\Users\Evelyn\Downloads\Lieferung.pps 2013-12-07 19:21 - 2013-12-07 19:21 - 00656896 _____ C:\Users\Evelyn\Downloads\Japanese_IQ-Test.xls 2013-12-07 19:12 - 2013-12-07 19:12 - 00062976 _____ C:\Users\Evelyn\Downloads\Gefuehle.pps 2013-12-07 19:10 - 2013-12-07 19:10 - 14461832 _____ C:\Users\Evelyn\Downloads\Stenen.ppsx 2013-12-07 19:08 - 2013-12-07 19:08 - 14780001 _____ C:\Users\Evelyn\Downloads\Okavango_2.ppsx 2013-12-06 22:13 - 2013-12-06 22:13 - 01470464 _____ C:\Users\Evelyn\Downloads\7.pps 2013-12-06 09:42 - 2013-12-06 09:42 - 08225509 _____ C:\Users\Evelyn\Downloads\zukunft.ppsx 2013-12-06 09:39 - 2013-12-06 09:39 - 15152336 _____ C:\Users\Evelyn\Downloads\Bladeren_2.ppsx 2013-12-06 09:39 - 2013-12-06 09:39 - 
14888206 _____ C:\Users\Evelyn\Downloads\Okavango_1.ppsx 2013-12-06 09:25 - 2013-12-06 09:25 - 07470061 _____ C:\Users\Evelyn\Downloads\Eine_sinnvolle_Sache.wmv 2013-12-06 09:25 - 2013-12-06 09:25 - 03308032 _____ C:\Users\Evelyn\Downloads\Was_man_ueber_den_Nikolaus_wissen_sollte.pps 2013-12-05 19:17 - 2013-12-05 19:17 - 06802944 _____ C:\Users\Evelyn\Downloads\Gelb_92.pps 2013-12-05 19:14 - 2013-12-05 19:14 - 03412992 _____ C:\Users\Evelyn\Downloads\2012_21_12_pd_besinnliche-weihnachtszeit.pps 2013-12-05 19:11 - 2013-12-05 19:11 - 00097280 _____ C:\Users\Evelyn\Downloads\Gruss_vom_Weihnachtsmann.pps 2013-12-02 02:53 - 2013-12-11 15:52 - 00002989 _____ C:\Users\Evelyn\Desktop\FRITZ!DSL Startcenter.lnk 2013-12-01 18:53 - 2013-12-11 17:27 - 00000000 ____D C:\AdwCleaner 2013-11-30 17:55 - 2013-11-30 17:56 - 00000000 ____D C:\Users\Evelyn\Desktop\Haderer 2013-11-30 17:48 - 2013-12-05 00:25 - 00000000 ____D C:\Users\Evelyn\Desktop\Neuer Ordner 2013-11-30 17:47 - 2013-12-10 00:11 - 00000000 ____D C:\Users\Evelyn\Desktop\Laberecke 2013-11-30 17:47 - 2013-12-05 07:05 - 00000000 ____D C:\Users\Evelyn\Desktop\Sprüche 2013-11-22 06:30 - 2013-12-11 17:28 - 00016984 _____ C:\Users\Evelyn\DesktopStCenter.txt 2013-11-22 02:01 - 2013-12-11 15:52 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files\Common Files\AVM 2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!DSL 2013-11-19 20:37 - 2013-11-19 20:37 - 00591000 _____ C:\Users\Evelyn\Documents\Kater greift nachts an, wärend ich schlafe (Katze, Erziehung, Tiere).mht 2013-11-18 16:37 - 2013-11-18 16:37 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\vlc 2013-11-18 09:31 - 2013-11-18 10:00 - 00087552 _____ C:\Users\Evelyn\Documents\Wossidlo wg. 
SA-Klage.pub 2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2013-11-16 13:26 - 2013-12-11 17:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-11-16 13:26 - 2013-12-11 17:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-15 10:10 - 2013-11-18 09:31 - 00072192 _____ C:\Users\Evelyn\Desktop\Amtsgericht wg. Betreuung 2.pub 2013-11-14 15:57 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2013-11-14 15:57 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2013-11-14 15:57 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-11-14 15:57 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2013-11-14 15:57 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2013-11-14 15:57 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2013-11-14 15:57 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2013-11-14 15:57 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2013-11-14 15:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2013-11-14 15:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2013-11-14 15:57 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2013-11-14 15:57 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2013-11-14 15:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\tsgqec.dll 2013-11-14 15:57 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2013-11-14 15:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2013-11-14 15:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2013-11-14 15:57 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2013-11-14 15:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-11-14 15:56 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2013-11-14 15:56 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2013-11-14 14:57 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 14:57 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-14 14:56 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 14:56 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 14:56 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 14:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-14 14:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-14 14:56 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 14:56 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 14:56 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 14:56 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) 
====================
C:\Users\Evelyn\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 00:33
==================== End Of Log ============================
--- --- ---
Kind regards, Alois
----------------------------------------
Hi, if the PC should turn out to be "clean", I have two theories: 1) The default settings do not always work on every hardware configuration 2) Sometimes a program has to be installed a second time before it actually works flawlessly. For a start, I have transferred my own settings from my machine to my girlfriend's with "easy transfer" from Win7 - let's see whether that changes anything..... If not, I am also considering a repair installation - what do you think about that?
By the way, the MS document on the IE settings alone has almost 200 pages. PS: I think it's great how you help here, because I myself once had a full-time job during my studies. Kind regards, Alois Edited by Alois S (12.12.2013 at 11:17) |
12.12.2013, 12:52 | #6 | ||
/// the machine /// TB instructor | Suspected malware (Win7, not urgent) Quote:
Quote:
__________________ --> Suspected malware (Win7, not urgent) |
12.12.2013, 23:39 | #7 |
| Suspected malware (Win7, not urgent) Hello schrauber, many thanks for your reply! Well, then let's wait and see what happens next - the correct installation medium with SP1 and the key are at hand, and 2 new images have just been created to be on the safe side. And don't overwork yourself, okay? Kind regards, Alois
----------------------------------------
Interim report: Since the "easy Transfer" of all my settings, no further error has occurred on my girlfriend's machine - if it stays that way.....
----------------------------------------
__________________ Post © Alois 2015 – All rights reserved – no part may be criticized in any form without the written permission of the author! |
13.12.2013, 20:11 | #8 |
/// the machine /// TB instructor | Suspected malware (Win7, not urgent) Sounds good
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.12.2013, 02:34 | #9 |
| Suspected malware (Win7, not urgent) Hello schrauber, unbelievable but true: the box is running like clockwork - so it was down to some settings after all..... But since it has also inherited my restrictive security policies, "NortonGhost" naturally does not run (I don't necessarily consider that a fault - the thing was good once, but......) - so now she has Acronis instead. Just as well that she is not a "gamer" - otherwise I would probably have to change the rules. Many thanks for your help and kind regards, Alois
__________________ Post © Alois 2015 – All rights reserved – no part may be criticized in any form without the written permission of the author! |
14.12.2013, 08:04 | #10 |
/// the machine /// TB instructor | Suspected malware (Win7, not urgent) You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |