|
Plagegeister aller Art und deren Bekämpfung: Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.12.2013, 23:04 | #1 |
| Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? Hallo, ich bekomme seit heute urplötzlich im 20 Minuten Takt Mailer-Daemon Mails von GMX, die ich über Outlook abrufe. Ist mein Rechner irgendwie infiziert??? In der Zeit, in der die Mails verschickt worden sind, war ich nicht daheim und der Rechner aus. Seit dem frühen Abend ist plötzlich Schluss mit den Mails, ungefähr seitdem ich den Rechner an habe. Es wird suggeriert ich hätte im Namen der Anwaltskanzlei Urmann und Kollegen Mails an andere Leute gesendet wegen Urheberrechtsverletzungen... Eine der zahllosen Mails lautet folgendermaßen: Code:
ATTFilter This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address failed: "nbusch@ukaachen.de": SMTP error from remote server after RCPT command: host: mx5.rz.rwth-aachen.de #5.1.0 Address rejected. --- The header of the original message is following. --- Received: from balw002 ([91.112.183.202]) by mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id 0Lq9Ma-1VLn253kvY-00dnUQ for <nbusch@ukaachen.de>; Tue, 10 Dec 2013 18:18:58 +0100 From: "Regensburger Rechtsanwaltsgesellschaft Urmann + Collegen" <***@gmx.de> To: "Nils Busch" <nbusch@ukaachen.de> Subject: Redtube Urheberrechtsverletzung an dem Werk Glamour Show Girls Date: Tue, 10 Dec 2013 17:18:44 GMT MIME-Version: 1.0 X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-Priority: 3 Content-Type: multipart/mixed; boundary="=-XC66344EC3" Message-ID: <0MZlEg-1W8VHI2mAo-00LYUG@mail.gmx.com> X-Provags-ID: V03:K0:0DIZJI6Al2E6PL/uKfnWZTBZGpmC4KLSN9ONc5c2FDAzYBucnib kypf+d/xtm4c39KZZBAtm/+gUW6qaZFIzSk9TnTVHFh7CX9hUS0b88SUqQSR2bK1o+m9XS0 3S/syEag5O95aBckp93DNXzOA3cf2a8mYvMrK9wM2MARLXHvTmOkOI1PQh/ASccKYmcnnCO CkMoAPUHq7LI3L/n53veg== Ich bitte sehr um Hilfe!! Habe Malewarebytes durchlaufen lassen. Gefunden wurden 2 Sachen, die ich gelöscht habe. Der Logscan zeigt folgendes: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.12.10.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 me :: ME-PC [Administrator] 10.12.2013 20:18:56 mbam-log-2013-12-10 (20-18-56).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 564213 Laufzeit: 2 Stunde(n), 17 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 F:\Downloads\DuplicateCleaner_setup_3.2.0.1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. F:\Downloads\Freemake4111VideoConverterSetup.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter OTL logfile created on: 10.12.2013 20:37:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*** \Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 43,55% Memory free 7,73 Gb Paging File | 4,62 Gb Available in Paging File | 59,84% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,66 Gb Total Space | 74,07 Gb Free Space | 50,51% Space Free | Partition Type: NTFS Drive E: | 278,00 Gb Total Space | 26,97 Gb Free Space | 9,70% Space Free | Partition Type: NTFS Drive F: | 28,00 Gb Total Space | 5,31 Gb Free Space | 18,98% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\*** \Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) PRC - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital ) PRC - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) PRC - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital) PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe () PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\17d646cd7bd3ef0e59a40de2328f4c86\Iris.Mapi.MessageStore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\BusinessLayer\70bda4f97e9c4b4088c6cb939b98a9bb\BusinessLayer.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\487add060ca97a14bded964674ad63f7\Microsoft.Interop.Mapi.Impl.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\BCMRes\c90f34b6018997c85226582d5c724a42\BCMRes.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\582023a23a1b9904483301ecdc20c018\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\BCMCommon\ffea4058c70243c5f4139eedb70a72ad\BCMCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0149e914e4cfbde7da65d4558af19ce0\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\de6ee26de5e4f343509de7e92ab48ba6\CustomMarshalers.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\1488c156635f7e35781ba386a27765ac\Microsoft.Office.Interop.Outlook.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\4070f36b1e502b80325621ecd1fd6467\Microsoft.Interop.Mapi.PropTags.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\office\362fac99ec7380f321c9e8fcb89faf6a\office.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\stdole\071856a2fade2421a4b3440ce7e5810c\stdole.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\dc96be7f5242755ffaa72ade9707a689\Microsoft.Interop.eCRM.Ole.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\b6d02b9cc9f934128f5ce0076c63a6e5\Microsoft.Interop.Mapi.Interfaces.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL () MOD - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () MOD - C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll () MOD - C:\PROGRA~2\MICROS~1\Office12\ADDINS\UMOUTL~1.DLL () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll () MOD - C:\Windows\assembly\GAC_32\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils\3.0.0.0__31bf3856ad364e35\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils.dll () MOD - C:\Windows\assembly\GAC_32\Microsoft.BusinessSolutions.eCRM.OutlookAddIn\3.0.0.0__31bf3856ad364e35\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.dll () MOD - C:\Windows\assembly\GAC_32\BCMCommon\3.0.0.0__31bf3856ad364e35\BCMCommon.dll () MOD - C:\Windows\assembly\GAC_32\Microsoft.Interop.Mapi.Impl\3.0.0.0__31bf3856ad364e35\Microsoft.Interop.Mapi.Impl.dll () MOD - C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll () MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll () MOD - C:\PROGRA~2\MICROS~1\Office12\ADDINS\COLLEA~1.DLL () MOD - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\de-DE\BCMRes.resources.dll () MOD - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\de-DE\BusinessLayer.resources.dll () MOD - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\de-DE\Microsoft.Interop.Mapi.Interfaces.resources.dll () MOD - c:\program files (x86)\internet\nsftpch.dll () ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.8.130\McCHSvc.exe (McAfee, Inc.) SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE () SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.) SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (WDRulesService) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) SRV - (WDBackup) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital ) SRV - (WDDriveService) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe () SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (OS Selector) -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe () SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (SZASSIST) -- C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe (Clarus, Inc.) SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (BcmSqlStartupSvc) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (bgsvcgen) -- C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis) DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis) DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis) DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis) DRV:64bit: - (vidsflt53) -- C:\Windows\SysNative\drivers\vsflt53.sys (Acronis) DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.) DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc) DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (SafeNet Inc.) DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (SafeNet Inc.) DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (SafeNet Inc.) DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID) DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\SBREDrv.sys (Sunbelt Software) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (e2eVAWdm) -- C:\Windows\SysNative\drivers\VAud_WDM.sys (e2eSoft) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys () DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (vtcdrv) -- C:\Windows\SysNative\drivers\vtcdrv_amd64.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (cdrbsdrv) -- C:\Windows\SysNative\drivers\cdrbsdrv.sys (B.H.A Corporation) DRV - (mvd22) -- C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd22.sys () DRV - (mdf16) -- C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf16.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_7740g&r=27360810s616l0483z1j5x4621m23p IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE392DE392 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: jl%40leimbach-it.de:2.5 FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: %7B2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7%7D:1.5.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\Musik\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\*** \AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\*** \AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\*** \AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.05 11:01:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.15 23:37:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.15 23:37:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.05 11:01:14 | 000,000,000 | ---D | M] [2012.11.14 09:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Extensions [2010.08.19 17:54:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.11.14 09:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2013.12.06 17:38:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Firefox\Profiles\zsq8z8d2.default\extensions [2013.12.06 17:38:08 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\*** \AppData\Roaming\mozilla\Firefox\Profiles\zsq8z8d2.default\extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013.08.28 07:13:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\*** \AppData\Roaming\mozilla\Firefox\Profiles\zsq8z8d2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.11.26 13:22:14 | 000,006,850 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\jl@leimbach-it.de.xpi [2013.03.31 00:21:19 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\youtube2mp3@mondayx.de.xpi [2013.07.02 18:51:19 | 000,345,379 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi [2013.08.02 12:03:37 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013.10.11 06:05:31 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.15 20:50:13 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\firefox\profiles\zsq8z8d2.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013.11.15 23:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.11.15 23:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.11.15 23:37:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.11.15 23:37:35 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\afurladvisor@anchorfree.com [2012.03.22 22:01:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.01.05 00:02:04 | 000,001,847 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\privatesearch.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com CHR - Extension: Google Docs = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: DVDVideoSoft = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0\ CHR - Extension: Google Wallet = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ CHR - Extension: Google Mail = C:\Users\*** \AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012.07.11 19:19:57 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found. O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_Plugin.exe -update plugin File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\Internet\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\Internet\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\FP\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.fujidirekt.de/ips-opdata/objects/jordan.cab (JordanUploader Class) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2FF49CD-3ECA-4491-8337-58106D25BDBA}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\haufereader - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\sacore - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\dssrequest - No CLSID value found O18 - Protocol\Handler\gopher - No CLSID value found O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.12.10 20:36:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*** \Desktop\OTL.exe [2013.12.09 11:33:40 | 000,000,000 | ---D | C] -- C:\Users\*** \Desktop\Kreditkartenumsätze_files [2013.11.26 12:48:05 | 000,000,000 | ---D | C] -- C:\PMHOme - Videocam [2013.11.20 09:33:00 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013.11.20 09:29:22 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.11.20 09:29:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.11.20 09:29:18 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.11.20 09:29:18 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.11.20 09:29:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.11.20 09:29:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.11.20 09:29:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.11.20 09:29:17 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.11.20 09:29:17 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.11.20 09:29:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.11.20 09:29:17 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.11.20 09:29:17 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.11.20 09:29:17 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.11.20 09:29:17 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.11.20 09:29:17 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.11.20 09:29:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.11.20 09:29:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.11.20 09:29:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.11.20 09:29:17 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.11.20 09:29:17 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.11.20 09:29:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.11.20 09:29:17 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.11.20 09:29:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.11.20 09:29:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013.11.20 09:29:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.11.20 09:29:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.11.20 09:29:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013.11.20 09:29:17 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013.11.20 09:29:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.11.20 09:29:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.11.20 09:29:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.11.20 09:29:16 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.11.20 09:29:16 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013.11.20 09:29:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.11.20 09:29:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.11.20 09:29:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.11.20 09:29:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.11.20 09:29:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.11.20 09:29:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.11.20 09:29:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.11.20 09:29:15 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.11.20 09:29:15 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.11.20 09:29:15 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.11.20 09:29:15 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.11.20 09:29:15 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.20 09:29:15 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.20 09:29:15 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.11.20 09:29:15 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.11.20 09:29:15 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.11.20 09:29:15 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.11.20 09:29:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.11.20 09:29:15 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.20 09:29:15 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.11.20 09:29:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.11.20 09:29:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.11.20 09:29:15 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.11.20 09:29:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.11.20 09:29:15 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.11.20 09:29:15 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.11.20 09:29:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.11.20 09:29:15 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.11.20 09:29:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.20 09:29:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.11.20 09:29:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.11.20 09:29:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.20 09:29:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.11.20 09:29:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.20 09:29:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.11.20 09:29:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.11.20 09:29:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.11.20 09:29:14 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.11.20 09:29:14 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.20 09:29:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.11.20 09:29:14 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013.11.20 09:29:14 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013.11.20 09:29:14 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.11.20 09:29:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013.11.20 09:29:14 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.11.20 09:29:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.11.20 09:29:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013.11.19 10:09:04 | 000,000,000 | ---D | C] -- C:\Users\*** \Documents\Freemake [2013.11.19 10:09:01 | 000,000,000 | ---D | C] -- C:\Users\*** \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [2013.11.19 10:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [2013.11.19 10:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2013.11.19 10:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake [2013.11.19 09:53:24 | 000,000,000 | ---D | C] -- C:\Users\*** \Robbie Williams Take the Crown [2013.11.15 23:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.11.14 10:17:26 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.11.14 10:16:01 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.11.14 10:15:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013.11.14 10:15:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.11.14 10:15:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013.11.14 10:15:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013.11.14 10:15:45 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.11.14 10:15:45 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.11.14 10:15:45 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2013.11.14 10:15:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2013.11.14 10:15:44 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll [2013.11.14 10:06:22 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2013.11.14 10:06:16 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013.11.14 10:06:16 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2013.11.14 10:06:16 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2013.11.14 10:06:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2013.11.14 10:00:33 | 000,000,000 | ---D | C] -- C:\bef11424cc8b278ef622be20c22fd0 [2013.11.14 09:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2 C:\Users\*** \Documents\*.tmp files -> C:\Users\*** \Documents\*.tmp -> ] [1 C:\Users\*** \*.tmp files -> C:\Users\*** \*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.12.10 20:36:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*** \Desktop\OTL.exe [2013.12.10 20:22:09 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.12.10 20:04:29 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.12.10 20:04:27 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.12.10 20:04:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.12.10 19:47:20 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2013.12.10 19:47:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.12.10 08:25:39 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.12.09 11:33:40 | 000,009,473 | ---- | M] () -- C:\Users\*** \Desktop\Kreditkartenumsätze.htm [2013.12.09 00:14:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.12.09 00:14:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.12.08 09:50:42 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\CheckDriveBackgroundGuard.job [2013.12.08 09:30:01 | 001,827,476 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.12.08 09:30:01 | 000,787,162 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.12.08 09:30:01 | 000,710,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.12.08 09:30:01 | 000,182,370 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.12.08 09:30:01 | 000,148,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.12.06 18:27:33 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1643634620-494845266-3134685510-1004Core1cef2a872bd3ae5.job [2013.12.06 07:16:54 | 000,002,224 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.12.03 10:27:44 | 000,107,416 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.11.27 12:50:06 | 000,030,726 | ---- | M] () -- C:\Users\*** \Desktop\roba laufstall2.JPG [2013.11.27 12:49:45 | 000,032,484 | ---- | M] () -- C:\Users\*** \Desktop\roba laufstall.JPG [2013.11.25 22:20:47 | 000,011,832 | ---- | M] () -- C:\Users\*** \Documents\cc_20131125_222044.reg [2013.11.25 21:35:39 | 000,007,605 | ---- | M] () -- C:\Users\*** \AppData\Local\Resmon.ResmonCfg [2013.11.25 16:54:40 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.11.25 16:54:40 | 000,083,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.11.25 16:54:40 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.11.20 09:29:22 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.11.20 09:29:22 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.11.20 09:29:18 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.11.20 09:29:18 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.11.20 09:29:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.11.20 09:29:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.11.20 09:29:18 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.11.20 09:29:17 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.11.20 09:29:17 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.11.20 09:29:17 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.11.20 09:29:17 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.11.20 09:29:17 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.11.20 09:29:17 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.11.20 09:29:17 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.11.20 09:29:17 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.11.20 09:29:17 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.11.20 09:29:17 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.11.20 09:29:17 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.11.20 09:29:17 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.11.20 09:29:17 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.11.20 09:29:17 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.11.20 09:29:17 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.11.20 09:29:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.11.20 09:29:17 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013.11.20 09:29:17 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.11.20 09:29:17 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.11.20 09:29:17 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013.11.20 09:29:17 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013.11.20 09:29:17 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.11.20 09:29:17 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.11.20 09:29:17 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.11.20 09:29:17 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.11.20 09:29:16 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.11.20 09:29:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013.11.20 09:29:16 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.11.20 09:29:16 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.11.20 09:29:16 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.11.20 09:29:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.11.20 09:29:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.11.20 09:29:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.11.20 09:29:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.11.20 09:29:15 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.11.20 09:29:15 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.11.20 09:29:15 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.11.20 09:29:15 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.11.20 09:29:15 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.20 09:29:15 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.20 09:29:15 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.11.20 09:29:15 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.11.20 09:29:15 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.11.20 09:29:15 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.11.20 09:29:15 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.11.20 09:29:15 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.20 09:29:15 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.11.20 09:29:15 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.11.20 09:29:15 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.11.20 09:29:15 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.11.20 09:29:15 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.11.20 09:29:15 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.11.20 09:29:15 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.11.20 09:29:15 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.11.20 09:29:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.11.20 09:29:15 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.20 09:29:15 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.11.20 09:29:15 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.11.20 09:29:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.20 09:29:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.11.20 09:29:15 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.20 09:29:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.11.20 09:29:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.11.20 09:29:15 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.11.20 09:29:15 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.11.20 09:29:14 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.11.20 09:29:14 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.20 09:29:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.11.20 09:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013.11.20 09:29:14 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013.11.20 09:29:14 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.11.20 09:29:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013.11.20 09:29:14 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.11.20 09:29:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.11.20 09:29:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013.11.19 10:22:57 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2013.11.19 10:09:01 | 000,001,369 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013.11.19 09:51:51 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdate.dll [2013.11.14 09:58:14 | 000,001,980 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.11.14 09:58:03 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2 C:\Users\*** \Documents\*.tmp files -> C:\Users\*** \Documents\*.tmp -> ] [1 C:\Users\*** \*.tmp files -> C:\Users\*** \*.tmp -> ] ========== Files Created - No Company Name ========== [2013.12.09 11:33:39 | 000,009,473 | ---- | C] () -- C:\Users\*** \Desktop\Kreditkartenumsätze.htm [2013.12.06 18:27:33 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1643634620-494845266-3134685510-1004Core1cef2a872bd3ae5.job [2013.11.27 12:50:06 | 000,030,726 | ---- | C] () -- C:\Users\*** \Desktop\roba laufstall2.JPG [2013.11.27 12:49:43 | 000,032,484 | ---- | C] () -- C:\Users\*** \Desktop\roba laufstall.JPG [2013.11.25 22:20:45 | 000,011,832 | ---- | C] () -- C:\Users\*** \Documents\cc_20131125_222044.reg [2013.11.20 09:29:17 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.11.20 09:29:15 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.11.19 10:09:01 | 000,001,369 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013.11.14 09:58:03 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.05.23 13:07:01 | 000,000,244 | ---- | C] () -- C:\Users\*** \.swfinfo [2013.03.12 15:05:12 | 000,000,057 | ---- | C] () -- C:\Windows\DcmLtbox-WS.ini [2012.07.11 08:12:46 | 000,000,000 | ---- | C] () -- C:\Users\*** \defogger_reenable [2012.06.01 21:28:33 | 000,004,096 | -H-- | C] () -- C:\Users\*** \AppData\Local\keyfile3.drm [2012.04.27 14:53:12 | 000,036,232 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll [2012.04.10 23:49:54 | 000,001,602 | ---- | C] () -- C:\Users\*** \AppData\Roaming\MyMicroBalanceConfig.ini [2011.12.26 00:25:33 | 000,033,134 | ---- | C] () -- C:\Users\*** \AppData\Roaming\UserTile.png [2011.12.16 20:22:57 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2011.12.07 18:58:52 | 000,000,016 | ---- | C] () -- C:\Users\*** \persistent_state [2011.05.13 08:31:15 | 000,003,584 | ---- | C] () -- C:\Users\*** \AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.18 10:22:28 | 000,000,001 | ---- | C] () -- C:\Users\*** \.SIG_PINSTATUS_VOREINSTELLUNG [2011.01.18 10:22:28 | 000,000,001 | ---- | C] () -- C:\Users\*** \.SIG_DIALOG_VOREINSTELLUNG [2010.12.26 13:15:39 | 000,007,605 | ---- | C] () -- C:\Users\*** \AppData\Local\Resmon.ResmonCfg [2010.09.26 08:41:36 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Files - Unicode (All) ========== [2013.11.22 10:03:20 | 105,626,457 | ---- | M] ()(C:\Windows\SysWow64\???£) -- C:\Windows\SysWow64\�£ [2013.11.20 15:35:44 | 105,626,457 | ---- | C] ()(C:\Windows\SysWow64\???£) -- C:\Windows\SysWow64\�£ [2013.11.16 09:57:34 | 104,513,208 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㮦鸍�ž [2013.11.15 21:55:22 | 104,513,208 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㮦鸍�ž [2013.11.15 11:07:26 | 104,371,820 | ---- | M] ()(C:\Windows\SysWow64\???O) -- C:\Windows\SysWow64\�㊭�O [2013.11.14 15:54:08 | 104,371,820 | ---- | C] ()(C:\Windows\SysWow64\???O) -- C:\Windows\SysWow64\�㊭�O [2013.11.14 09:53:53 | 104,200,551 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\镖’�“ [2013.11.07 13:50:06 | 104,200,551 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\镖’�“ [2013.11.07 07:50:19 | 102,894,578 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⪑ꕮ�Š [2013.11.06 08:18:04 | 102,894,578 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⪑ꕮ�Š [2013.10.25 20:26:49 | 103,054,676 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\힞溔™ [2013.10.24 13:26:17 | 103,054,676 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\힞溔™ [2013.10.21 19:18:27 | 102,171,793 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ [2013.10.21 19:18:27 | 102,171,793 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ [2013.10.21 13:05:01 | 102,154,219 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\輾ᶌ [2013.10.21 07:05:18 | 102,154,219 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\輾ᶌ [2013.10.20 19:47:56 | 102,068,998 | ---- | M] ()(C:\Windows\SysWow64\???G) -- C:\Windows\SysWow64\쥻䗦G [2013.10.17 07:50:42 | 102,068,998 | ---- | C] ()(C:\Windows\SysWow64\???G) -- C:\Windows\SysWow64\쥻䗦G [2013.10.16 14:43:11 | 101,406,750 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\骪嵘• [2013.10.16 06:42:50 | 101,406,750 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\骪嵘• [2013.10.15 15:02:12 | 101,148,298 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\틨强š [2013.10.15 04:04:56 | 101,148,298 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\틨强š [2013.10.14 13:54:08 | 100,857,291 | ---- | M] ()(C:\Windows\SysWow64\???E) -- C:\Windows\SysWow64\E [2013.10.14 13:54:08 | 100,857,291 | ---- | C] ()(C:\Windows\SysWow64\???E) -- C:\Windows\SysWow64\E [2013.10.13 17:02:27 | 100,742,045 | ---- | M] ()(C:\Windows\SysWow64\???£) -- C:\Windows\SysWow64\띢욱£ [2013.10.12 16:19:21 | 100,742,045 | ---- | C] ()(C:\Windows\SysWow64\???£) -- C:\Windows\SysWow64\띢욱£ [2013.10.11 06:00:08 | 100,446,413 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ꪐ缬 [2013.10.10 08:09:25 | 100,446,413 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ꪐ缬 [2013.10.09 22:16:59 | 100,163,860 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\県䡲 [2013.10.08 20:06:43 | 100,163,860 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\県䡲 [2013.10.04 08:59:16 | 099,176,917 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\눎毮“ [2013.10.04 08:59:16 | 099,176,917 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\눎毮“ [2013.10.02 15:16:28 | 098,743,931 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\出ᦾ‚ [2013.10.01 22:01:00 | 098,743,931 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\出ᦾ‚ [2013.09.30 23:41:35 | 098,602,865 | ---- | M] ()(C:\Windows\SysWow64\???F) -- C:\Windows\SysWow64\ꋍͥF [2013.09.30 23:41:35 | 098,602,865 | ---- | C] ()(C:\Windows\SysWow64\???F) -- C:\Windows\SysWow64\ꋍͥF [2013.09.30 14:25:42 | 098,499,637 | ---- | M] ()(C:\Windows\SysWow64\???J) -- C:\Windows\SysWow64\돊J [2013.09.30 08:25:50 | 098,499,637 | ---- | C] ()(C:\Windows\SysWow64\???J) -- C:\Windows\SysWow64\돊J [2013.09.23 15:35:36 | 098,663,986 | ---- | M] ()(C:\Windows\SysWow64\???%) -- C:\Windows\SysWow64\怚% [2013.09.23 08:17:54 | 098,663,986 | ---- | C] ()(C:\Windows\SysWow64\???%) -- C:\Windows\SysWow64\怚% [2013.09.22 16:28:14 | 098,597,466 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⸎꒿† [2013.09.22 09:36:05 | 098,597,466 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\⸎꒿† [2013.09.20 20:50:46 | 098,498,750 | ---- | M] ()(C:\Windows\SysWow64\???=) -- C:\Windows\SysWow64\ퟟḑ= [2013.09.20 14:13:59 | 098,498,750 | ---- | C] ()(C:\Windows\SysWow64\???=) -- C:\Windows\SysWow64\ퟟḑ= [2013.09.20 08:14:03 | 098,453,713 | ---- | M] ()(C:\Windows\SysWow64\???ª) -- C:\Windows\SysWow64\펈垌ª [2013.09.17 22:30:30 | 098,453,713 | ---- | C] ()(C:\Windows\SysWow64\???ª) -- C:\Windows\SysWow64\펈垌ª [2013.09.17 10:19:32 | 097,931,385 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᯥ䔋‡ [2013.09.15 21:43:15 | 097,931,385 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᯥ䔋‡ [2013.09.14 22:33:31 | 097,600,188 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\瓙곝› [2013.09.14 22:33:31 | 097,600,188 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\瓙곝› [2013.09.12 19:21:33 | 097,373,152 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㗾涊Ž [2013.09.12 19:21:33 | 097,373,152 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㗾涊Ž [2013.09.10 07:15:16 | 096,910,367 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\�ﮰ [2013.09.10 07:15:16 | 096,910,367 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\�ﮰ [2013.09.09 13:58:53 | 096,665,497 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꑮ䤆‡ [2013.09.09 13:58:53 | 096,665,497 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꑮ䤆‡ [2013.09.06 14:07:48 | 096,334,488 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\뿘ž [2013.09.05 07:48:35 | 096,334,488 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\뿘ž < End of report > |
11.12.2013, 06:30 | #2 |
/// the machine /// TB-Ausbilder | Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
11.12.2013, 09:24 | #3 |
| Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? danke erstmal und hier die gewünschten Logdateien:
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01 Ran by me (administrator) on ME-PC on 11-12-2013 09:14:30 Running from C:\Users\me\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) C:\Users\me\AppData\Local\Google\Update\GoogleUpdate.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-20] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-01-20] (Atheros Commnucations) HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395928 2012-05-10] (Acronis) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-15] (Google Inc.) HKCU\...\Run: [Google Update] - C:\Users\me\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-17] (Google Inc.) HKCU\...\Runonce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_Plugin.exe -update plugin HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.) HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2673640 2012-05-10] () HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] () HKU\fbwuser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] () AppInit_DLLs: [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_7740g&r=27360810s616l0483z1j5x4621m23p BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.fujidirekt.de/ips-opdata/objects/jordan.cab DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) Handler: haufereader - No CLSID Value - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: haufereader - No CLSID Value - Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\Musik\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @photodex.com/PhotodexPresenter - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\me\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\me\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\me\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\me\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\me\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\privatesearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} FF Extension: DownloadHelper - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: jl - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\jl@leimbach-it.de.xpi FF Extension: youtube2mp3 - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\youtube2mp3@mondayx.de.xpi FF Extension: prefs - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi FF Extension: prefs - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF Extension: Adblock Plus - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: dta - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\zsq8z8d2.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afurladvisor@anchorfree.com FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchKeyword: google.de CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding} CHR Extension: (Google Docs) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (DVDVideoSoft) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0 CHR Extension: (Google Wallet) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.) S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.) S4 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] () S4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] () S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] () R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation) S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) S4 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-08-30] (Clarus, Inc.) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital ) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation) S3 e2eVAWdm; C:\Windows\System32\DRIVERS\VAud_WDM.sys [60128 2010-05-07] (e2eSoft) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.) R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-12-03] (Lavasoft AB) S3 mdf16; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf16.sys [18288 2010-08-17] () S3 mvd22; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd22.sys [78192 2010-08-17] () R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [55384 2011-06-28] (Sunbelt Software) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-10-31] (Acronis) S3 vtcdrv; C:\Windows\System32\DRIVERS\vtcdrv_amd64.sys [24576 2008-05-09] (Windows (R) Codename Longhorn DDK provider) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-11 09:14 - 2013-12-11 09:15 - 00024158 _____ C:\Users\me\Desktop\FRST.txt 2013-12-11 09:14 - 2013-12-11 09:14 - 00000000 ____D C:\FRST 2013-12-11 09:14 - 2013-12-11 09:13 - 01928212 _____ (Farbar) C:\Users\me\Desktop\FRST64.exe 2013-12-10 21:54 - 2013-12-10 21:54 - 00157314 _____ C:\Users\me\Desktop\OTLfile.txt 2013-12-10 21:01 - 2013-12-10 21:01 - 00125632 _____ C:\Users\me\Desktop\Extras.Txt 2013-12-10 20:59 - 2013-12-10 20:59 - 00157080 _____ C:\Users\me\Desktop\OTL.Txt 2013-12-10 20:36 - 2013-12-10 20:36 - 00602112 _____ (OldTimer Tools) C:\Users\me\Desktop\OTL.exe 2013-12-10 19:53 - 2013-12-10 19:53 - 00000082 _____ C:\Users\me\Desktop\kaleb.txt 2013-12-10 19:52 - 2013-12-10 19:52 - 00000216 _____ C:\Users\me\Documents\riester berechnung förderung.txt 2013-12-09 11:33 - 2013-12-09 11:33 - 00009473 _____ C:\Users\me\Desktop\Kreditkartenumsätze.htm 2013-12-09 11:33 - 2013-12-09 11:33 - 00000000 ____D C:\Users\me\Desktop\Kreditkartenumsätze_files 2013-12-06 18:27 - 2013-12-06 18:27 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1643634620-494845266-3134685510-1004Core1cef2a872bd3ae5.job 2013-11-26 17:54 - 2013-11-26 17:54 - 00001028 _____ C:\Windows\PFRO.log 2013-11-26 12:48 - 2013-11-26 12:48 - 00000000 ____D C:\PMHOme - Videocam 2013-11-26 11:00 - 2013-11-26 11:00 - 00001566 _____ C:\Users\me\Desktop\eset2.txt 2013-11-26 08:32 - 2013-12-08 09:25 - 00002320 _____ C:\Windows\setupact.log 2013-11-26 08:32 - 2013-11-26 08:32 - 00000000 _____ C:\Windows\setuperr.log 2013-11-26 00:35 - 2013-11-26 00:35 - 00001741 _____ C:\Users\me\Desktop\eset.txt 2013-11-25 22:20 - 2013-11-25 22:20 - 00011832 _____ C:\Users\me\Documents\cc_20131125_222044.reg 2013-11-25 22:14 - 2013-11-25 22:14 - 00000223 _____ C:\Users\me\Desktop\PC aufräumen.txt 2013-11-24 23:53 - 2013-11-25 16:46 - 00000718 _____ C:\Users\me\Desktop\rabattschutz berechnung.txt 2013-11-20 15:35 - 2013-11-22 10:03 - 105626457 _____ C:\Windows\SysWOW64\�£ 2013-11-20 09:33 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-20 09:29 - 2013-11-20 09:29 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-20 09:29 - 2013-11-20 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-20 09:29 - 2013-11-20 09:29 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-20 09:29 - 2013-11-20 09:29 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-20 09:29 - 2013-11-20 09:29 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-20 09:29 - 2013-11-20 09:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-20 09:29 - 2013-11-20 09:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-20 09:29 - 2013-11-20 09:29 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-20 09:29 - 2013-11-20 09:29 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-20 09:29 - 2013-11-20 09:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-20 09:29 - 2013-11-20 09:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-19 10:09 - 2013-11-19 10:09 - 00001369 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk 2013-11-19 10:09 - 2013-11-19 10:09 - 00000000 ____D C:\Users\me\Documents\Freemake 2013-11-19 10:09 - 2013-11-19 10:09 - 00000000 ____D C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2013-11-19 10:08 - 2013-11-19 10:09 - 00000000 ____D C:\ProgramData\Freemake 2013-11-19 10:08 - 2013-11-19 10:09 - 00000000 ____D C:\Program Files (x86)\Freemake 2013-11-19 09:53 - 2013-11-20 13:59 - 00000000 ____D C:\Users\me\Robbie Williams Take the Crown 2013-11-15 23:37 - 2013-11-15 23:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 21:55 - 2013-11-16 09:57 - 104513208 _____ C:\Windows\SysWOW64\㮦鸍�ž 2013-11-14 15:54 - 2013-11-15 11:07 - 104371820 _____ C:\Windows\SysWOW64\�㊭�O 2013-11-14 10:17 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 10:17 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-14 10:16 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-14 10:16 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 10:16 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 10:16 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 10:16 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 10:16 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-14 10:16 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-14 10:15 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 10:15 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 10:15 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 10:15 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-14 10:15 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-14 10:15 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-14 10:15 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 10:15 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 10:15 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 10:15 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 10:15 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-14 10:15 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-14 10:15 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-14 10:15 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 10:06 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 10:06 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 10:06 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 10:06 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-14 10:06 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-14 10:06 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-14 10:06 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-14 10:00 - 2013-11-14 10:00 - 00000000 ____D C:\bef11424cc8b278ef622be20c22fd0 2013-11-14 09:58 - 2013-11-14 09:58 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk ==================== One Month Modified Files and Folders ======= 2013-12-11 09:15 - 2013-12-11 09:14 - 00024158 _____ C:\Users\me\Desktop\FRST.txt 2013-12-11 09:14 - 2013-12-11 09:14 - 00000000 ____D C:\FRST 2013-12-11 09:13 - 2013-12-11 09:14 - 01928212 _____ (Farbar) C:\Users\me\Desktop\FRST64.exe 2013-12-11 09:13 - 2010-05-28 17:19 - 01702492 _____ C:\Windows\WindowsUpdate.log 2013-12-11 09:12 - 2012-07-17 16:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-11 09:12 - 2010-08-11 21:08 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{82B8C7F1-E689-4B6A-A601-BD79D2450761} 2013-12-11 09:12 - 2010-05-28 17:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2013-12-11 08:27 - 2012-07-11 19:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-11 08:27 - 2012-07-11 19:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-10 21:54 - 2013-12-10 21:54 - 00157314 _____ C:\Users\me\Desktop\OTLfile.txt 2013-12-10 21:01 - 2013-12-10 21:01 - 00125632 _____ C:\Users\me\Desktop\Extras.Txt 2013-12-10 20:59 - 2013-12-10 20:59 - 00157080 _____ C:\Users\me\Desktop\OTL.Txt 2013-12-10 20:36 - 2013-12-10 20:36 - 00602112 _____ (OldTimer Tools) C:\Users\me\Desktop\OTL.exe 2013-12-10 20:04 - 2012-07-17 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-10 20:04 - 2012-07-17 16:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-10 20:04 - 2011-08-07 14:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 19:53 - 2013-12-10 19:53 - 00000082 _____ C:\Users\me\Desktop\kaleb.txt 2013-12-10 19:52 - 2013-12-10 19:52 - 00000216 _____ C:\Users\me\Documents\riester berechnung förderung.txt 2013-12-09 11:33 - 2013-12-09 11:33 - 00009473 _____ C:\Users\me\Desktop\Kreditkartenumsätze.htm 2013-12-09 11:33 - 2013-12-09 11:33 - 00000000 ____D C:\Users\me\Desktop\Kreditkartenumsätze_files 2013-12-09 00:17 - 2010-08-11 20:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-09 00:17 - 2010-08-11 20:06 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-09 00:14 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-09 00:14 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-08 09:50 - 2013-05-26 21:48 - 00000282 _____ C:\Windows\Tasks\CheckDriveBackgroundGuard.job 2013-12-08 09:30 - 2010-05-29 03:11 - 00787162 _____ C:\Windows\system32\perfh007.dat 2013-12-08 09:30 - 2010-05-29 03:11 - 00182370 _____ C:\Windows\system32\perfc007.dat 2013-12-08 09:30 - 2009-07-14 06:13 - 01827476 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-08 09:25 - 2013-11-26 08:32 - 00002320 _____ C:\Windows\setupact.log 2013-12-08 09:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-06 18:27 - 2013-12-06 18:27 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1643634620-494845266-3134685510-1004Core1cef2a872bd3ae5.job 2013-12-06 07:16 - 2013-08-30 21:20 - 00002224 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-03 10:27 - 2013-04-01 23:56 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-11-26 17:54 - 2013-11-26 17:54 - 00001028 _____ C:\Windows\PFRO.log 2013-11-26 12:48 - 2013-11-26 12:48 - 00000000 ____D C:\PMHOme - Videocam 2013-11-26 11:00 - 2013-11-26 11:00 - 00001566 _____ C:\Users\me\Desktop\eset2.txt 2013-11-26 10:51 - 2012-11-23 23:11 - 00000000 ____D C:\Program Files (x86)\Freecorder extension 2013-11-26 09:48 - 2012-11-23 23:14 - 00000000 ____D C:\Users\me\AppData\Local\Jaksta_Technologies_Pty_L 2013-11-26 09:48 - 2012-11-23 23:12 - 00000000 ____D C:\Program Files (x86)\Applian Technologies 2013-11-26 09:48 - 2010-08-20 20:49 - 00000000 ____D C:\Program Files (x86)\Musik 2013-11-26 09:48 - 2010-08-13 16:45 - 00000000 ____D C:\Users\me\AppData\Local\CrashDumps 2013-11-26 08:32 - 2013-11-26 08:32 - 00000000 _____ C:\Windows\setuperr.log 2013-11-26 00:35 - 2013-11-26 00:35 - 00001741 _____ C:\Users\me\Desktop\eset.txt 2013-11-25 22:20 - 2013-11-25 22:20 - 00011832 _____ C:\Users\me\Documents\cc_20131125_222044.reg 2013-11-25 22:19 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther 2013-11-25 22:14 - 2013-11-25 22:14 - 00000223 _____ C:\Users\me\Desktop\PC aufräumen.txt 2013-11-25 22:11 - 2012-06-10 22:27 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-11-25 21:35 - 2010-12-26 13:15 - 00007605 _____ C:\Users\me\AppData\Local\Resmon.ResmonCfg 2013-11-25 16:54 - 2013-05-07 16:15 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-11-25 16:54 - 2013-04-01 23:56 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-11-25 16:54 - 2013-04-01 23:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-11-25 16:46 - 2013-11-24 23:53 - 00000718 _____ C:\Users\me\Desktop\rabattschutz berechnung.txt 2013-11-24 12:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-22 10:03 - 2013-11-20 15:35 - 105626457 _____ C:\Windows\SysWOW64\�£ 2013-11-20 14:08 - 2010-08-11 20:09 - 00000000 ____D C:\Users\me\AppData\Local\Adobe 2013-11-20 13:59 - 2013-11-19 09:53 - 00000000 ____D C:\Users\me\Robbie Williams Take the Crown 2013-11-20 10:59 - 2010-08-11 19:58 - 00001470 _____ C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-20 10:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-20 09:29 - 2013-11-20 09:29 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-20 09:29 - 2013-11-20 09:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-20 09:29 - 2013-11-20 09:29 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-20 09:29 - 2013-11-20 09:29 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-20 09:29 - 2013-11-20 09:29 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-20 09:29 - 2013-11-20 09:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-20 09:29 - 2013-11-20 09:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-20 09:29 - 2013-11-20 09:29 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-20 09:29 - 2013-11-20 09:29 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-20 09:29 - 2013-11-20 09:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-20 09:29 - 2013-11-20 09:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-20 09:29 - 2013-11-20 09:29 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-20 09:29 - 2013-11-20 09:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-19 10:22 - 2010-09-26 08:41 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys 2013-11-19 10:10 - 2013-04-01 10:50 - 00000000 ____D C:\Users\me\AppData\Roaming\AccurateRip 2013-11-19 10:09 - 2013-11-19 10:09 - 00001369 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk 2013-11-19 10:09 - 2013-11-19 10:09 - 00000000 ____D C:\Users\me\Documents\Freemake 2013-11-19 10:09 - 2013-11-19 10:09 - 00000000 ____D C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2013-11-19 10:09 - 2013-11-19 10:08 - 00000000 ____D C:\ProgramData\Freemake 2013-11-19 10:09 - 2013-11-19 10:08 - 00000000 ____D C:\Program Files (x86)\Freemake 2013-11-19 09:57 - 2010-08-11 19:56 - 00000000 ____D C:\Users\me 2013-11-19 09:51 - 2010-04-15 12:14 - 00001024 ___RH C:\Users\Public\Documents\NTILiveUpdate.dll 2013-11-16 17:11 - 2012-05-11 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-16 09:57 - 2013-11-15 21:55 - 104513208 _____ C:\Windows\SysWOW64\㮦鸍�ž 2013-11-15 23:37 - 2013-11-15 23:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 11:07 - 2013-11-14 15:54 - 104371820 _____ C:\Windows\SysWOW64\�㊭�O 2013-11-14 10:26 - 2010-04-15 11:59 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-14 10:01 - 2013-07-17 11:34 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 10:00 - 2013-11-14 10:00 - 00000000 ____D C:\bef11424cc8b278ef622be20c22fd0 2013-11-14 10:00 - 2010-08-17 08:20 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-14 09:58 - 2013-11-14 09:58 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2013-11-14 09:57 - 2013-10-17 07:50 - 00000000 ____D C:\Program Files\McAfee Security Scan 2013-11-14 09:53 - 2013-11-07 13:50 - 104200551 _____ C:\Windows\SysWOW64\镖’�“ 2013-11-11 05:50 - 2012-07-18 09:11 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\me\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-10 23:29 ==================== End Of Log ============================ --- --- --- sowie die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013 01 Ran by me at 2013-12-11 09:15:29 Running from C:\Users\me\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32) 2007 Microsoft Office system (x32 Version: 12.0.6612.1000) 64 Bit HP CIO Components Installer (Version: 7.2.8) Acer Backup Manager (x32 Version: 2.0.1.60) Acer Crystal Eye webcam Ver:1.1.167.331 (x32 Version: 1.1.167.331) Acer ePower Management (x32 Version: 5.00.3003) Acer eRecovery Management (x32 Version: 4.05.3011) Acer Registration (x32 Version: 1.03.3002) Acer ScreenSaver (x32 Version: 1.1.0331.2010) Acer Updater (x32 Version: 1.02.3001) Acer VCM (x32 Version: 4.05.3002) Acrobat.com (x32 Version: 1.6.65) Acronis True Image WD*Edition (x32 Version: 13.0.14189) Acronis*Disk*Director*11*Home (x32 Version: 11.0.2343) ACSynchro (x32) Adobe AIR (x32 Version: 3.4.0.2540) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170) Adobe Photoshop Elements 2.0 (x32 Version: 2.0) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620) Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006) AllDup 3.4.24 (x32 Version: 3.4.24) Any Audio Converter 4.0.1 (x32) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft Software Suite (x32 Version: 1.0) Art Effects for PDR10 (Version: 2.0) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.24) ATI Catalyst Install Manager (Version: 3.0.765.0) Audacity 1.3.12 (Unicode) (x32) Avira Free Antivirus (x32 Version: 14.0.1.759) AVM FRITZ!fax für FRITZ!Box (x32) B110 (x32 Version: 140.0.283.000) Backup Manager Advance (x32 Version: 2.0.1.60) Bluetooth Win7 Suite (64) (Version: 7.2.0.56) BufferChm (x32 Version: 140.0.212.000) Business Contact Manager für Outlook 2007 SP2 (x32 Version: 3.0.8619.1) capella 2002, Version 4.0 (x32) CardRecovery 6.00 (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412) Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412) CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412) CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412) CCC Help Czech (x32 Version: 2010.0302.2232.40412) CCC Help Danish (x32 Version: 2010.0302.2232.40412) CCC Help Dutch (x32 Version: 2010.0302.2232.40412) CCC Help English (x32 Version: 2010.0302.2232.40412) CCC Help Finnish (x32 Version: 2010.0302.2232.40412) CCC Help French (x32 Version: 2010.0302.2232.40412) CCC Help German (x32 Version: 2010.0302.2232.40412) CCC Help Greek (x32 Version: 2010.0302.2232.40412) CCC Help Hungarian (x32 Version: 2010.0302.2232.40412) CCC Help Italian (x32 Version: 2010.0302.2232.40412) CCC Help Japanese (x32 Version: 2010.0302.2232.40412) CCC Help Korean (x32 Version: 2010.0302.2232.40412) CCC Help Norwegian (x32 Version: 2010.0302.2232.40412) CCC Help Polish (x32 Version: 2010.0302.2232.40412) CCC Help Portuguese (x32 Version: 2010.0302.2232.40412) CCC Help Russian (x32 Version: 2010.0302.2232.40412) CCC Help Spanish (x32 Version: 2010.0302.2232.40412) CCC Help Swedish (x32 Version: 2010.0302.2232.40412) CCC Help Thai (x32 Version: 2010.0302.2232.40412) CCC Help Turkish (x32 Version: 2010.0302.2232.40412) ccc-core-static (x32 Version: 2010.0302.2233.40412) ccc-utility64 (Version: 2010.0302.2233.40412) CCleaner (Version: 4.07) CheckDrive (x32 Version: 4.4) CPUID HWMonitor 1.19 CyberLink PowerDirector 10 (Version: 10.0.0.1703) CyberLink PowerDirector 10 (x32 Version: 10.0.0.1703) Destinations (x32 Version: 140.0.77.000) DeviceDiscovery (x32 Version: 140.0.212.000) DirComp (x32 Version: 2.06.0000) Duplicate Cleaner Free 3.2.1 (x32 Version: 3.2.1) eBay Worldwide (x32 Version: 2.1.0901) ESET Online Scanner v3 (x32) Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3) Free YouTube Download version 3.2.11.812 (x32 Version: 3.2.11.812) FreeFileSync v3.12 (x32) Freemake Video Converter Version 4.1.1 (x32 Version: 4.1.1) Google Chrome (x32 Version: 31.0.1650.63) Google Talk Plugin (x32 Version: 4.9.1.16010) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.22.3) GPBaseService2 (x32 Version: 140.0.211.000) Haufe iDesk-Browser (x32 Version: 8.07.16.5590) Haufe iDesk-Service (x32 Version: 8.08.20.5622) Hotspot Shield 3.09 (x32 Version: 3.09) HP Customer Participation Program 14.0 (Version: 14.0) HP Imaging Device Functions 14.0 (Version: 14.0) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0) HP Smart Web Printing 4.60 (Version: 4.60) HP Solution Center 14.0 (Version: 14.0) HP Update (x32 Version: 5.003.001.001) HPAppStudio (x32 Version: 140.0.95.000) HPDiagnosticAlert (x32 Version: 1.00.0000) HPPhotoGadget (x32 Version: 140.0.524.000) HPProductAssistant (x32 Version: 140.0.212.000) HTTS 2.10 (x32) ICQ7.2 (x32 Version: 7.2) ImTOO DVD Audio Ripper 6 (x32 Version: 6.0.12.0914) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 6.0.0.1179) Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014) Intel(R) Turbo Boost Technology Driver (x32 Version: 01.01.01.1007) InterVideo WinDVD 8 (x32 Version: 8.5.10.75) Ipswitch WS_FTP Pro (x32) iTunes (Version: 11.0.4.4) iVolume 3.6 (x32 Version: 3.6) Java Auto Updater (x32 Version: 2.1.6.0) Java(TM) 7 Update 5 (x32 Version: 7.0.50) JavaFX 2.1.1 (x32 Version: 2.1.1) Joe (x32 Version: 4.01.0000) Junk Mail filter update (x32 Version: 14.0.8089.726) L&H TTS3000 Deutsch (x32) LAME v3.98.2 for Audacity (x32) Launch Manager (x32 Version: 4.0.7) Lexware Info Service (x32 Version: 2.61.00.0033) Lightworks (x32 Version: 11.0.0.7) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 140.0.212.000) McAfee Security Scan Plus (Version: 3.8.130.10) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Default Manager (x32 Version: 2.1.54.0) Microsoft Office 2003 Web Components (x32 Version: 11.0.8003.0) Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office FrontPage 2003 (x32 Version: 11.0.8173.0) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32) Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Small Business Connectivity Components (x32 Version: 2.0.7024.0) Microsoft Office Suite Activation Assistant (x32 Version: 2.9) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 (x32) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00) Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0) Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0) Microsoft SQL Server Native Client (Version: 9.00.5000.00) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00) Microsoft Text-to-Speech Engine 4.0 (English) (x32) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 25.0.1) Mp3tag v2.46a (x32 Version: v2.46a) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Musik um uns Sekundarbereich II (x32 Version: 1.00.0000) MyMicroBalance (x32 Version: 2.5.4) MyPhoneExplorer (x32 Version: 1.8.4) Network64 (Version: 140.0.215.000) Network64 (Version: 140.0.221.000) Norton Online Backup (x32 Version: 1.2.0.36) NTI Backup Now 5 (x32 Version: 5.1.2.628) NTI Backup Now Standard (x32 Version: 5.1.2.628) NTI Media Maker 8 (x32 Version: 8.0.12.6630) OpenOffice.org 3.2 (x32 Version: 3.2.9502) Photodex Presenter (x32) PHOTOfunSTUDIO 4.0 HD Edition (x32 Version: 4.00.265) PhotoStage Slideshow Producer (x32) Pixlr-o-matic (x32 Version: 2.1) PlayMemories Home (x32 Version: 6.3.00.04221) Project64 1.6 (x32 Version: 1.6) PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000) PX Profile Update (x32 Version: 1.00.1.) QuickTime (x32 Version: 7.74.80.86) QuickTransfer (x32 Version: 140.0.98.000) Realtek High Definition Audio Driver (x32 Version: 5.10.0.6167) Recuva (Version: 1.45) Samsung Auto Backup (x32 Version: 4.1.371.0) Samsung SecretZone (x32 Version: 1.00.0000) Scan (x32 Version: 140.0.80.000) Security Task Manager 1.8d (x32 Version: 1.8d) Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005) SILKYPIX Developer Studio 3.0 SE (x32 Version: 3) SmartSound Quicktracks 5 (x32 Version: 5.1.8) SmartWebPrinting (x32 Version: 140.0.186.000) SolutionCenter (x32 Version: 140.0.214.000) Status (x32 Version: 140.0.256.000) Steuer 2008 (x32 Version: 15.00.00.0033) Steuer 2009 (x32 Version: 16.12.00.0001) Steuer Hilfesammlung (x32 Version: 15.0.0.0) Steuer Update 15.09 (x32 Version: 15.09) StreamTransport version: 1.0.2.2171 (x32) Synaptics Pointing Device Driver (Version: 15.0.12.0) TomTom HOME (x32 Version: 2.9.2) TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2) Toolbox (x32 Version: 140.0.428.000) TrayApp (x32 Version: 140.0.212.000) Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.5000.00) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Access 2007 Help (KB963663) (x32) Update for Microsoft Office Excel 2007 Help (KB963678) (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Help (KB963677) (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update for Microsoft Office Publisher 2007 Help (KB963667) (x32) Update for Microsoft Office Script Editor Help (KB963671) (x32) Update for Microsoft Office Word 2007 (KB974631) (x32) Update for Microsoft Office Word 2007 Help (KB963665) (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VideoPad Video Editor (x32) Virtual Audio Cable 4.10 Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01) VLC media player 1.1.9 (x32 Version: 1.1.9) WD SmartWare (Version: 1.6.4.7) WebReg (x32 Version: 140.0.212.017) Welcome Center (x32 Version: 1.01.3002) Windows Live Call (x32 Version: 14.0.8064.0206) Windows Live Communications Platform (x32 Version: 14.0.8064.206) Windows Live Essentials (x32 Version: 14.0.8089.0726) Windows Live Essentials (x32 Version: 14.0.8089.726) Windows Live Fotogalerie (x32 Version: 14.0.8081.709) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) Windows Live Mail (x32 Version: 14.0.8089.0726) Windows Live Messenger (x32 Version: 14.0.8089.0726) Windows Live Movie Maker (x32 Version: 14.0.8091.0730) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live Writer (x32 Version: 14.0.8089.0726) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) WinPcap 4.1.2 (x32 Version: 4.1.0.2001) WinRAR ==================== Restore Points ========================= 24-11-2013 19:29:55 Windows-Sicherung 25-11-2013 20:37:59 Removed Bonjour 26-11-2013 15:05:48 Windows Update 03-12-2013 09:38:50 Windows Update 06-12-2013 16:49:43 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2012-07-11 19:19 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {01BECDDB-B94B-49E3-BDDB-05110E4B1610} - System32\Tasks\{A4E206CC-B677-4E12-AF27-4845D6F76E36} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {24FDDC5B-4CC9-4EE8-8C15-B489BA6810EA} - System32\Tasks\{0EB1CEB2-E15F-4F2F-849A-223F62CB1062} => C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd.exe [2010-07-28] (Realtek Semiconductor Corp.) Task: {3D014C9F-61A3-4CE3-8443-7413514ECA79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11] (Google Inc.) Task: {456E637F-D58A-432A-91A2-C21C5E0D07EC} - System32\Tasks\NCH Software\photostageDowngrade => C:\Program Files (x86)\NCH Software\PhotoStage\photostage.exe [2012-06-10] (NCH Software) Task: {50EF40C3-E19F-475B-83F7-FF201BA73BF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11] (Google Inc.) Task: {550A9877-222F-4D00-8AB7-21A0B1B6BAC3} - System32\Tasks\{1474B164-4F95-407F-B8E7-EA066D54B352} => C:\Program Files\Virtual Audio Cable\audiorepeater_ks.exe [2010-08-23] (Eugene V. Muzychenko) Task: {72FB714C-A590-4AB3-8103-BCBE02A1941B} - System32\Tasks\NCH Software\photostageShakeIcon => C:\Program Files (x86)\NCH Software\PhotoStage\photostage.exe [2012-06-10] (NCH Software) Task: {7F121981-AC90-4A6C-8B2A-FC12F6557948} - System32\Tasks\{D734E93B-8563-478D-818C-89B07EC1AB42} => C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd.exe [2010-07-28] (Realtek Semiconductor Corp.) Task: {847C8BEF-F64F-4A73-A916-48850E92E014} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated) Task: {8FB04338-D2F1-4E86-B909-B43D270E0F7D} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [2012-06-10] (NCH Software) Task: {91C673B7-DCBA-45D9-B30D-462A3DC0F1A7} - System32\Tasks\{C725C077-AACB-4665-811F-5B31D4C1E90E} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {92140B1A-3F33-41AF-8E6E-A7CBFDF491A0} - System32\Tasks\{211BE139-EA21-4A1A-A7D0-D9679EC3AF7A} => C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd.exe [2010-07-28] (Realtek Semiconductor Corp.) Task: {972CAD4C-A9DE-402E-B3B4-AFA65D8CE0A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {B3D49B0E-0279-4E6B-AEF5-2C8F2F6D5CA9} - System32\Tasks\{99AF5783-6099-49FF-A1C1-68564BDDD306} => C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe Task: {B7579670-F3C5-407D-A6BA-AA6FEA6F20DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {BB0E7E76-32D5-4B15-9A63-605FD7025121} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2012-11-09] (Abelssoft) Task: {C6CDCD5E-61F5-49AC-AC6B-1E70DEFEAA78} - System32\Tasks\{F99C2A8F-AD32-4272-8125-5FBA46B0B76D} => C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe Task: {D0B426FD-5EF1-4721-9760-D4F4D1B4580E} - System32\Tasks\{2D9C1C9C-6670-434F-94A4-13F0C24C8EA1} => C:\Program Files\Virtual Audio Cable\audiorepeater_ks.exe [2010-08-23] (Eugene V. Muzychenko) Task: {D62E1938-EF9A-4D6C-902F-4BB12E8C2143} - System32\Tasks\{7E1702DC-70E7-4DBD-A1E4-AFC059F3EDB4} => C:\Windows\System32\242w2kGE - Oki Treiber 6w.exe Task: {E2FC105A-63E6-418D-8D1A-7BF9E64B0317} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [2012-06-10] (NCH Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1643634620-494845266-3134685510-1004Core1cef2a872bd3ae5.job => C:\Users\me\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-02-21 23:31 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-28 17:19 - 2010-05-28 17:19 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-02-25 16:22 - 2013-02-23 10:53 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-15 19:27 - 2013-08-15 19:27 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\44bfa824a3b8a6f789fda79a2e01a8db\IsdiInterop.ni.dll 2010-04-15 11:49 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2010-04-15 12:33 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll 2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-08-23 16:56 - 2003-12-16 16:01 - 00024621 _____ () c:\program files (x86)\internet\nsftpch.dll 2013-12-06 07:16 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll 2013-12-06 07:16 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll 2013-12-06 07:16 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll 2013-12-06 07:16 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll 2013-12-06 07:16 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll 2013-12-06 07:16 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" ==================== Faulty Device Manager Devices ============= Name: Photosmart B110 series Description: Photosmart B110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (12/09/2013 02:12:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/09/2013 00:14:21 AM) (Source: Windows Backup) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (12/05/2013 02:03:06 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/02/2013 01:47:41 PM) (Source: Windows Backup) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (11/30/2013 09:13:39 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/26/2013 07:04:19 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/26/2013 07:03:10 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/26/2013 09:48:31 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 7.0.0.48, Zeitstempel: 0x4b1ae3c6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x16b8 Startzeit der fehlerhaften Anwendung: 0xAu_.exe0 Pfad der fehlerhaften Anwendung: Au_.exe1 Pfad des fehlerhaften Moduls: Au_.exe2 Berichtskennung: Au_.exe3 Error: (11/26/2013 09:40:20 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/26/2013 09:40:16 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (12/11/2013 09:12:56 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/11/2013 09:12:56 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/11/2013 09:12:56 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/11/2013 09:12:56 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/11/2013 09:12:56 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (12/11/2013 09:12:56 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (12/11/2013 08:27:18 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/11/2013 08:27:18 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/11/2013 08:27:18 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/11/2013 08:27:18 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Microsoft Office Sessions: ========================= Error: (06/03/2013 11:15:46 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/03/2013 06:55:45 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1049 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/02/2012 09:25:47 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 40936 seconds with 660 seconds of active time. This session ended with a crash. Error: (08/19/2011 09:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error: (07/20/2011 10:14:59 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 6602 seconds with 60 seconds of active time. This session ended with a crash. Error: (05/15/2011 08:52:55 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2011-05-16 14:17:21.690 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:21.674 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:19.927 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:19.896 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:19.303 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:19.288 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:18.461 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:18.445 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:12.517 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-05-16 14:17:12.502 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd20.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 55% Total physical RAM: 3956.48 MB Available physical RAM: 1769.84 MB Total Pagefile: 7911.15 MB Available Pagefile: 4966.82 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (System & Programme) (Fixed) (Total:146.66 GB) (Free:73.01 GB) NTFS Drive e: (Daten) (Fixed) (Total:278 GB) (Free:26.97 GB) NTFS Drive f: (Daten 2) (Fixed) (Total:28 GB) (Free:5.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EE62CB70) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=147 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=306 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
11.12.2013, 11:56 | #4 |
| Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? Hallo Schrauber, ich habe exakt selbiges Problem wie kinderriegel. Es betrifft allerdings ein GMX Mail Konto, das von 3 verschiedenen Rechnern (Von mir, meinem Vater, meiner Schwester) verwendet wird. Kann ich dafür einen einzigen Thread verwenden oder doch lieber getrennt? |
11.12.2013, 14:00 | #5 |
| Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? @Dude mach doch nen eignen Thread auf und stell die Frage dort! So wie ich die Hinweise verstanden habe, denkt womöglich Schrauber nun mir wäre von dir weitergeholfen worden und ich warte hier und warte? @Schrauber. Neue Mails waren übrigens seit gestern abend nicht mehr gekommen. Und hier ist auch nochmal das Logfile von MBAR Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008 www.malwarebytes.org Database version: v2013.12.11.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 me :: ME-PC [administrator] 11.12.2013 09:31:42 mbar-log-2013-12-11 (09-31-42).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 280479 Time elapsed: 20 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
12.12.2013, 09:27 | #6 |
/// the machine /// TB-Ausbilder | Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? Bitte nen eigenen Thread aufmachen.
__________________ --> Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? |
12.12.2013, 09:29 | #7 |
/// the machine /// TB-Ausbilder | Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? @Kinderriegel Logs sind unauffällig. Passwort zum Mail-Acc geändert? Diese Accounts werden meist direkt online gehackt, ohne Malware auf dem REchner.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
12.12.2013, 10:53 | #8 |
| Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? das beruhigt mich. ja, Passwort hatte ich geändert. War wohl auch noch etwas zu simple muss ich auch leider zugeben. dann vielen herzlichen DANK!!! |
12.12.2013, 12:53 | #9 |
/// the machine /// TB-Ausbilder | Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Mailer Daemon Mails von GMX-Konto - Spam oder sendet Outlook selbstständig Mails? |
adobe, antivir, avg, avira, bho, browser, excel, explorer, firefox, flash player, format, gmx.de, google, home, hotspot, installation, karte, launch, logfile, mail daemon spam mails, mp3, musik, nemesis, plug-in, port, redtube, registry, security, senden, server, spam, urmann + collegen, usb |