|
Plagegeister aller Art und deren Bekämpfung: Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-FlutWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.12.2013, 18:21 | #1 |
| Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut Liebes Trojaner-Board Team, seit heute morgen wird unser Mail-Konto bei web.de mit Mails überschwemmt, die darauf hindeuten, dass mit unserer eMail-Adresse Mails an Leute verschickt werden, die wir aber gar nicht kennen. Sie landen dann mit dem Absender "keineantwortadresse@web.de" in unserem "Unbekannt"-Ordner. Die Mails liegen noch auf dem Server und wurden nicht mit Thunderbird abgerufen. Beispielhaft sieht der Inhalt so aus (unsere Mail-Adresse habe ich hir auf xx.xxxxxx@web.de geändert: This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address failed: <annika.kuptz@gmx.de> Reason: virus/suspect content found --- The header of the original message is following. --- Received: from Anmeldung2 ([217.91.187.193]) by smtp.web.de (mrweb101) with ESMTPSA (Nemesis) id 0LpfC6-1VK4EG27dO-00fV9r for <annika.kuptz@gmx.de>; Tue, 10 Dec 2013 13:50:46 +0100 From: "=?utf-8?q?Rechtsanw=C3=A4lte?=" <xx.xxxxxx@web.de> To: "Annika Kuptz" <annika.kuptz@gmx.de> Subject: An Annika Kuptz: Schadensersatz Ihrer Urheberrechtsverletzung 10.12.2013 Date: Tue, 10 Dec 2013 12:50:33 GMT MIME-Version: 1.0 X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-Priority: 3 Content-Type: multipart/mixed; boundary="=-XC00CF66BD" Message-ID: <0LgYG1-1VBa2F3y7h-00nzcK@smtp.web.de> X-Provags-ID: V03:K0:U2cQJANKaFnwo60laTYKpZI5ZQZFLctStrGi+30gt/30+WLP28m FL2QNVDnzy9rioLqsFcq0n7+Lcxx91oDX9B/5XMOkMknkBIKQ0wDdcAcAEjh2RT6xqi5jqy L06iVIy2BbqnhGksEzZe90Yf/SNDYjUgXSV7lOEWFYtrf3L+2z7AveRBsUy63lblXTigIDg rWEUNuUxGTW5QuiHsx8DA== Es wäre super, wenn ihr uns helfen könntet! Vielen Dank vorab! Brombeere |
10.12.2013, 18:23 | #2 |
/// the machine /// TB-Ausbilder | Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
10.12.2013, 18:53 | #3 |
| Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut Hallo schrauber,
__________________vielen Dank für die schnelle Antwort. Hier die Auswertung von FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013 Ran by Silberlin (administrator) on SILBER on 10-12-2013 18:28:12 Running from C:\Users\Silberlin\Desktop Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-11-27] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [191544 2012-11-27] (Lenovo(beijing) Limited) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-25] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKLM-x32 - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKCU - DefaultScope {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = SearchScopes: HKCU - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default FF Homepage: https://ixquick.com/deu FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FireShot - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} FF Extension: WOT - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF Extension: firefox - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\firefox@ghostery.com.xpi FF Extension: trackmenot - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\trackmenot@mrl.nyu.edu.xpi FF Extension: noscript - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: Adblock Plus - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: bprivacyprefs - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi FF Extension: greasemonkey - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchKeyword: google.de CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Extension: (Docs) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0 CHR Extension: (Safe Money) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0 CHR Extension: (Content Blocker) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0 CHR Extension: (Virtual Keyboard) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0 CHR Extension: (Freemake Video Converter) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0 CHR Extension: (Gmail) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Anti-Banner) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0 CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.) R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-12] () R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-04-22] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-12] () S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-10 18:28 - 2013-12-10 18:28 - 00026272 _____ C:\Users\Silberlin\Desktop\FRST.txt 2013-12-10 18:27 - 2013-12-10 18:27 - 00000000 ____D C:\FRST 2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Downloads\FRST64.exe 2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Desktop\FRST64.exe 2013-12-07 17:26 - 2013-12-07 17:26 - 00001518 _____ C:\Users\Silberlin\Downloads\URLLink(3).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001510 _____ C:\Users\Silberlin\Downloads\URLLink(4).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001501 _____ C:\Users\Silberlin\Downloads\URLLink(1).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001498 _____ C:\Users\Silberlin\Downloads\URLLink(2).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001484 _____ C:\Users\Silberlin\Downloads\URLLink.acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(6).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(5).acsm 2013-11-26 20:52 - 2013-11-26 20:52 - 00000000 _____ C:\WINDOWS\OpPrintServer.INI 2013-11-26 20:50 - 2013-11-26 20:50 - 00002585 _____ C:\Users\Public\Desktop\ZoomBrowser EX.lnk 2013-11-26 20:49 - 2013-11-26 20:49 - 00002031 _____ C:\Users\Public\Desktop\FileViewerUtility.lnk 2013-11-26 20:48 - 2013-11-26 20:53 - 00000000 ____D C:\Program Files (x86)\Canon 2013-11-21 23:30 - 2013-11-27 20:57 - 00005144 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber 2013-11-16 20:57 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-16 20:57 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-16 20:57 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-16 20:57 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-16 20:56 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-16 20:56 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-16 20:56 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-16 20:56 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-16 20:56 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-16 20:56 - 2013-11-05 15:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-16 20:56 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-16 20:56 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-16 20:56 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-16 20:56 - 2013-10-23 06:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-16 20:56 - 2013-10-23 06:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-16 20:56 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-16 20:56 - 2013-10-23 05:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-16 20:56 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-16 20:56 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-16 20:56 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-16 20:56 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-16 20:56 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-16 20:56 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-16 20:56 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-16 20:56 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-16 20:56 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-16 20:56 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-16 20:56 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-16 20:56 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-16 20:56 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-16 20:56 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-16 20:56 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-16 20:56 - 2013-10-19 10:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-16 20:56 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-16 20:56 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-16 20:56 - 2013-10-19 07:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-16 20:56 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-16 20:56 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-16 20:56 - 2013-10-19 04:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-16 20:56 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-16 20:56 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-16 20:56 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-16 20:56 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-16 20:56 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-16 20:56 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-16 20:56 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-16 20:56 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-16 20:56 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-16 20:56 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-16 20:56 - 2013-10-11 16:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-16 20:56 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-16 20:56 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-16 20:56 - 2013-10-11 14:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-16 20:56 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-16 20:56 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-16 20:56 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-16 20:56 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-16 20:56 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-16 20:56 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-16 20:56 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-16 20:56 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-16 20:56 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-16 20:56 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-16 20:56 - 2013-10-10 11:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-16 20:56 - 2013-10-10 11:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-16 20:56 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-16 20:56 - 2013-10-08 12:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-16 20:56 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-16 20:56 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-16 20:56 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-16 20:56 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-16 20:56 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-16 20:56 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-16 20:56 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-16 20:56 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-16 20:56 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-16 20:56 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-16 20:56 - 2013-10-07 08:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-16 20:56 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-16 20:56 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-16 20:56 - 2013-10-05 16:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-16 20:56 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-16 20:56 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-16 20:56 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-16 20:56 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-16 20:56 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-16 20:56 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-16 20:56 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-16 20:56 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-16 20:56 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-16 20:56 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-16 20:56 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-16 20:56 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-16 20:56 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-16 20:56 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-16 20:56 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-16 20:56 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-16 20:56 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-16 20:56 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-16 20:56 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-16 20:56 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-16 20:56 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-16 20:56 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-16 20:56 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-16 20:56 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-16 20:56 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-16 20:56 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-16 20:56 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-16 20:56 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-16 20:56 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-16 20:56 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-16 20:56 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-16 20:56 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-16 20:56 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-16 20:56 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-16 20:56 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-16 20:56 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-16 20:56 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-16 20:56 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-16 20:56 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-16 20:56 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-16 20:56 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-16 20:56 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-16 20:56 - 2013-09-11 13:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-16 20:56 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-16 20:56 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-16 20:56 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-16 08:55 - 2013-11-16 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-13 06:16 - 2013-10-19 09:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-13 06:16 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-13 06:16 - 2013-10-19 07:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-13 06:16 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-13 06:16 - 2013-10-19 06:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-13 06:16 - 2013-10-19 06:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-13 06:16 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-13 06:16 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-13 06:16 - 2013-10-19 05:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-13 06:16 - 2013-10-19 05:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-13 06:16 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-13 06:16 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-13 06:16 - 2013-10-19 04:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-13 06:16 - 2013-10-19 04:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-13 06:16 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-13 06:16 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-13 06:16 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-13 06:16 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-13 06:16 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-13 06:16 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-13 06:16 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-13 06:16 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-13 06:16 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-11 10:00 - 2013-11-11 10:00 - 00000000 ____D C:\Users\Silberlin\Documents\Christina 2013-11-10 10:41 - 2013-11-10 10:41 - 00000000 ____D C:\Program Files\Kyocera 2013-11-10 10:40 - 2013-11-10 10:40 - 00000000 ____D C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed 2013-11-10 10:38 - 2013-11-10 10:39 - 72584830 _____ C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed.zip 2013-11-10 10:29 - 2013-11-10 10:29 - 00001002 _____ C:\Users\Silberlin\Desktop\Kyocera FS-1030D - Verknüpfung.lnk 2013-11-10 10:19 - 2013-11-10 10:19 - 00000000 ___RD C:\WINDOWS\BrowserChoice ==================== One Month Modified Files and Folders ======= 2013-12-10 18:28 - 2013-12-10 18:28 - 00026272 _____ C:\Users\Silberlin\Desktop\FRST.txt 2013-12-10 18:27 - 2013-12-10 18:27 - 00000000 ____D C:\FRST 2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Downloads\FRST64.exe 2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Desktop\FRST64.exe 2013-12-10 18:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-12-10 17:57 - 2013-02-12 19:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-10 17:56 - 2013-02-09 18:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-10 16:32 - 2013-02-09 17:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-12-10 15:56 - 2013-02-09 18:40 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-10 15:51 - 2013-02-09 18:40 - 00004102 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-10 15:51 - 2013-02-09 18:40 - 00003866 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-10 15:12 - 2013-11-08 15:47 - 01131943 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-10 15:10 - 2012-08-02 15:09 - 00030304 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klim6.sys 2013-12-10 15:10 - 2012-06-19 17:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2013-12-10 14:52 - 2013-11-08 16:27 - 00000000 __RDO C:\Users\Silberlin\SkyDrive 2013-12-10 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-12-09 22:56 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-09 22:56 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2013-12-09 22:56 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2013-12-09 17:43 - 2013-02-09 17:18 - 00000000 ____D C:\Users\Silberlin\AppData\Local\Packages 2013-12-09 01:08 - 2013-02-09 17:26 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3245869769-487074814-1224063536-1002 2013-12-08 22:53 - 2013-08-22 15:46 - 00334241 _____ C:\WINDOWS\setupact.log 2013-12-08 22:26 - 2013-11-08 15:53 - 00000000 ____D C:\Users\Silberlin 2013-12-08 22:13 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-07 17:26 - 2013-12-07 17:26 - 00001518 _____ C:\Users\Silberlin\Downloads\URLLink(3).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001510 _____ C:\Users\Silberlin\Downloads\URLLink(4).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001501 _____ C:\Users\Silberlin\Downloads\URLLink(1).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001498 _____ C:\Users\Silberlin\Downloads\URLLink(2).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001484 _____ C:\Users\Silberlin\Downloads\URLLink.acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(6).acsm 2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(5).acsm 2013-12-03 21:44 - 2013-03-02 20:48 - 00000000 ____D C:\Users\Silberlin\Documents\Nicolas 2013-12-02 10:14 - 2013-04-23 10:07 - 00000000 ____D C:\Users\Silberlin\Documents\Bernd 2013-11-29 09:35 - 2013-02-12 15:54 - 00000000 ____D C:\Users\Silberlin\Documents\Silke 2013-11-27 20:57 - 2013-11-21 23:30 - 00005144 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber 2013-11-26 21:01 - 2013-09-29 20:04 - 00013474 _____ C:\WINDOWS\PFRO.log 2013-11-26 21:01 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-11-26 21:01 - 2013-08-03 11:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-26 20:53 - 2013-11-26 20:48 - 00000000 ____D C:\Program Files (x86)\Canon 2013-11-26 20:53 - 2012-11-27 01:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-26 20:52 - 2013-11-26 20:52 - 00000000 _____ C:\WINDOWS\OpPrintServer.INI 2013-11-26 20:50 - 2013-11-26 20:50 - 00002585 _____ C:\Users\Public\Desktop\ZoomBrowser EX.lnk 2013-11-26 20:49 - 2013-11-26 20:49 - 00002031 _____ C:\Users\Public\Desktop\FileViewerUtility.lnk 2013-11-21 21:34 - 2013-02-09 17:53 - 00000000 ____D C:\ldiag 2013-11-20 15:24 - 2013-10-18 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-11-19 06:10 - 2013-02-11 16:46 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-11-18 12:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2013-11-17 16:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-11-17 07:32 - 2013-02-09 17:20 - 00000000 ___RD C:\Users\Silberlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-17 07:32 - 2013-02-09 17:20 - 00000000 ___RD C:\Users\Silberlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-17 07:29 - 2013-08-22 15:44 - 00682216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-11-16 08:55 - 2013-11-16 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-13 16:05 - 2013-08-04 14:59 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-11-13 16:04 - 2013-02-10 11:29 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-11-11 10:00 - 2013-11-11 10:00 - 00000000 ____D C:\Users\Silberlin\Documents\Christina 2013-11-10 10:41 - 2013-11-10 10:41 - 00000000 ____D C:\Program Files\Kyocera 2013-11-10 10:40 - 2013-11-10 10:40 - 00000000 ____D C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed 2013-11-10 10:39 - 2013-11-10 10:38 - 72584830 _____ C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed.zip 2013-11-10 10:29 - 2013-11-10 10:29 - 00001002 _____ C:\Users\Silberlin\Desktop\Kyocera FS-1030D - Verknüpfung.lnk 2013-11-10 10:19 - 2013-11-10 10:19 - 00000000 ___RD C:\WINDOWS\BrowserChoice ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-09 01:08 ==================== End Of Log ============================ --- --- --- und nun Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013 Ran by Silberlin at 2013-12-10 18:29:02 Running from C:\Users\Silberlin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 3.8.0.1430) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Amazon Browser App (x32 Version: 1.0.0.0) Anno 1404 (x32 Version: 1.00.0000) ANNO 1404 (x32 Version: 1.02.0000) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7) Benutzerhandbuch (x32 Version: 1.0.0.9) Bonjour (Version: 3.0.0.10) Camera Window (x32 Version: 4.5.2) Canon Camera WIA Driver (x32 Version: 5.2) Canon Camera Window for ZoomBrowser EX (x32 Version: 4.5.2) Canon EOS Kiss REBEL 300D WIA-Treiber (x32 Version: 5.2) Canon Internet Library for ZoomBrowser EX (x32 Version: 1.3.1) Canon PhotoRecord (x32 Version: 02.00.00029) Canon RAW Image Task for ZoomBrowser EX (x32 Version: 0.9.0) Canon RemoteCapture Task for ZoomBrowser EX (x32 Version: 0.9.0) Canon Utilities File Viewer Utility 1.3 (x32 Version: 1.3.2) Canon Utilities PhotoStitch 3.1 (x32 Version: 3.1.10) Canon Utilities RemoteCapture 2.7 (x32 Version: 2.7.5) Canon Utilities ZoomBrowser EX (x32 Version: 04.05.01148) CDBurnerXP (x32 Version: 4.5.2.4214) CDex - Open Source Digital Audio CD Extractor (x32 Version: 1.70.4.2009) CIG (x32 Version: 1.3.1) Classic Shell (Version: 3.6.8) Conexant HD Audio (Version: 8.54.44.50) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686) Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686) CorelDRAW Graphics Suite X5 - BR (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - CZ (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - DE (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - ES (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - FR (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - IPM HSE (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - IT (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - NL (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - PL (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - RU (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3) CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3) CorelDRAW Home & Student Suite X5 - Extra Content (x32 Version: 15.0) CorelDRAW Home & Student Suite X5 - Extra Content (x32) CorelDRAW Home & Student Suite X5 (x32 Version: 15.1) CorelDRAW(R) Home & Student Suite X5 (x32 Version: 15.2.0.686) Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16) Energy Management (x32 Version: 8.0.2.4) ESET Online Scanner v3 (x32) File Viewer Utility 1.3.2 (x32 Version: 1.3.2) FormatFactory 3.1.1 (x32 Version: 3.1.1) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.22.3) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 28.0.1315.0) HP Officejet 6500 E710n-z Hilfe (x32 Version: 140.0.2.2) HP Update (x32 Version: 5.003.003.001) HPDiagnosticAlert (x32 Version: 1.00.0000) I.R.I.S. OCR (x32 Version: 12.3.4.0) Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10) Intel(R) Management Engine Components (x32 Version: 8.1.0.1252) Intel(R) Processor Graphics (x32 Version: 10.18.10.3316) Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® Trusted Connect Service Client (Version: 1.24.388.1) iTunes (Version: 11.1.3.8) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190) Kyocera Product Library (Version: 4.2.1909) Lenovo Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1901) Lenovo EasyCamera (x32 Version: 6.1.7600.167) Lenovo OneKey Recovery (Version: 8.0.0.0710) Lenovo OneKey Recovery (x32 Version: 8.0.0.0710) Lenovo pointing device (Version: 11.4.3.3) Lenovo PowerDVD10 (x32 Version: 10.0.4310.52) Lenovo Solution Center (Version: 2.2.002.00) Lenovo YouCam (x32 Version: 4.1.3127) Lenovo_Wireless_Driver (x32 Version: 6.30.5926) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1005) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 24.1.1) Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1) MP4 To MP3 Converter V3.0.4 (x32) NVIDIA Grafiktreiber 327.02 (Version: 327.02) NVIDIA Install Application (Version: 2.1002.133.889) NVIDIA Optimus 1.10.8 (Version: 1.10.8) NVIDIA PhysX (x32 Version: 9.12.0613) NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613) NVIDIA Systemsteuerung 327.02 (Version: 327.02) NVIDIA Update 1.10.8 (Version: 1.10.8) NVIDIA Update Components (Version: 1.10.8) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005) Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005) Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005) PhotoStitch (x32 Version: 3.1.10) Power2Go (x32 Version: 5.6.0.9109) QuickTime (x32 Version: 7.74.80.86) RAW Image Task (x32 Version: 0.9.0) Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030) RemoteCapture 2.7.5 (x32 Version: 2.7.5) RemoteCapture Task (x32 Version: 0.9.0) Shared C Run-time for x64 (Version: 10.0.0) SugarSync Manager (x32 Version: 1.9.61.90905) UserGuide (x32 Version: 1.0.0.9) VLC media player 2.0.8 (x32 Version: 2.0.8) Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733) ==================== Restore Points ========================= 24-11-2013 12:09:04 Geplanter Prüfpunkt 26-11-2013 19:46:43 Installiert Solution Disk 05-12-2013 13:56:45 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {09AFB28F-B8D6-4D08-830D-AAB46A36A07B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-13] (Microsoft Corporation) Task: {1BBAC3E8-97D0-4703-9298-C176928731FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3DC97405-595D-4E07-A35F-CBC29A51BE5F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] () Task: {42B35F49-430B-4396-95B8-6BD2C06AD5FA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] () Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6C49BDC5-C933-40F0-9473-AD494EACF56A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {829872D0-0125-4288-847E-CF1AC3C3CB8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation) Task: {85F348D5-531D-4DF8-8699-3C583C7025FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation) Task: {865A8E28-6A1B-401B-BC6A-6173502BC38A} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {AF697E28-A703-4764-8D47-4CA0833D16C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation) Task: {C7C986BC-E9BB-472B-BFB8-492F1C04DF3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.) Task: {C8F2159E-2DF7-4C65-960D-34D0338F50B5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E1A93523-A1A6-4EED-8791-71970184E6AF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EADB50C2-33DC-42B7-BAE9-683EBFB5FE7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\System32\pla.dll [2013-08-22] (Microsoft Corporation) Task: {F187CD5D-A7F5-4AA9-9580-4FAABA69888F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated) Task: {FFFD68F7-43BA-4D2A-AD0D-ECDE9629D53F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-08-26 15:48 - 2012-08-26 15:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll 2013-09-30 04:59 - 2013-09-30 04:59 - 00180224 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\ErrorReporting.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-17 21:39 - 2013-02-09 18:06 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll 2012-11-27 01:00 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll 2013-11-13 05:59 - 2013-11-13 05:59 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2013-11-13 05:59 - 2013-11-13 05:59 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll 2013-11-16 08:55 - 2013-11-16 08:55 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Silberlin\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/10/2013 06:26:41 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Error: (12/10/2013 03:06:30 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 57284172 Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 57284172 Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/09/2013 03:03:22 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Error: (12/09/2013 01:15:39 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Error: (12/08/2013 11:01:54 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f} Error: (12/08/2013 11:00:51 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f} Error: (12/08/2013 10:16:29 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15422 System errors: ============= Error: (12/10/2013 02:54:40 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/09/2013 05:14:37 PM) (Source: Tcpip) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8109:8ec0:5c8::2 mit dem Computer mit der Netzwerkhardwareadresse 18-AF-61-47-CB-27 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error: (12/09/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/08/2013 10:18:41 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/08/2013 10:16:02 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (12/08/2013 10:16:02 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1326 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (12/08/2013 10:13:42 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 08.12.2013 um 20:16:00 unerwartet heruntergefahren. Error: (12/08/2013 10:57:51 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/07/2013 10:37:47 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/06/2013 03:12:53 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office Sessions: ========================= Error: (12/10/2013 06:26:41 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Silberlin\Downloads\esetsmartinstaller_enu.exe Error: (12/10/2013 03:06:30 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 57284172 Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 57284172 Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/09/2013 03:03:22 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (12/09/2013 01:15:39 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (12/08/2013 11:01:54 PM) (Source: VSS)(User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f} Error: (12/08/2013 11:00:51 PM) (Source: VSS)(User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f} Error: (12/08/2013 10:16:29 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15422 ==================== Memory info =========================== Percentage of memory in use: 31% Total physical RAM: 8057.77 MB Available physical RAM: 5528.17 MB Total Pagefile: 9337.77 MB Available Pagefile: 6711.64 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:883.84 GB) (Free:746.63 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.41 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 66F0384E) Partition: GPT Partition Type ==================== End Of Log ============================ Brombeere |
11.12.2013, 10:56 | #4 |
/// the machine /// TB-Ausbilder | Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut Passwort zum Mail Account schon geändert? Seither immer noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.12.2013, 21:28 | #5 |
| Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut Hi schrauber, PW habe ich geändert und "Problem" auch web.de gemeldet. Seit gestern abend ist es vorerst ruhig. Keine weiteren Mails dieser Art. Aus den log-Dateien war dann wohl nichts zu lesen? Dir auf jeden Fall vielen Dank! Brombeere |
12.12.2013, 11:54 | #6 |
/// the machine /// TB-Ausbilder | Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut Logs sind sauber. Die Email Accounts werden einfach nur gehackt, da brauchts keine Malware auf dem Rechner.
__________________ --> Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut |
Themen zu Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut |
absender, anmeldung, content, could, delivery, express, gehackt, geändert, gmx.de, heute, inhalt, leute, mails, meldung, message, microsoft, morgen, nemesis, not, original, outlook, permanent, server, super, thunderbird, troja, unbekannt, verschickt |