Log analysis and evaluation: Windows 7 - Temp folder suspicious behavior
Hello everyone. I have a problem that I can't get any further with, and I need your help. I have my Temp folder at C:\Temp and I look at it every day; .dll files and also .exe files show up there that the antivirus program immediately detects as trojans. Here is the compiled information.

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:51 on 05/01/2014 (silversurfer)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014 Ran by silversurfer (administrator) on MARCEL on 05-01-2014 14:53:08 Running from C:\Users\silversurfer\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (FinalWire Ltd.) 
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.exe (Microsoft) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDockTray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE (SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 14\SpeedCommander.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8768GX] - C:\Windows\SysWOW64\HsMgr.exe [200704 2009-09-24] () HKLM\...\Run: [Cmaudio8768GX64] - C:\Windows\system\HsMgr64.exe [282112 2009-09-24] () HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3993416 2011-09-18] (O&O Software GmbH) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.) Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) 
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Policies\Explorer: [NoDrives] 0x00000000 HKCU\...\Policies\Explorer: [NoInstrumentation] 1 MountPoints2: {6956e08e-17a6-11e1-9373-001f1f63289b} - "L:\WD SmartWare.exe" autoplay=true IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\backitup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\cdspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\formdesigner.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerovision.exe: [Debugger] "C:\Program Files 
(x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setupneromobile.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\snapview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock) BootExecute: autocheck autochk * OODBSsdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7B53520D97ABCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache 
AcceptLangs = de-DE SearchScopes: HKCU - DefaultScope {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 SearchScopes: HKCU - {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: SDHelper - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) 
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\IPS\IPSBHO.dll (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft 
Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default FF NewTab: about:newtab FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\donottrackplus@abine.com FF Extension: Ghostery - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\firefox@ghostery.com FF Extension: Flagfox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Blue Fox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} FF Extension: FT GraphiteGlow - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{99e34760-2754-11e0-91fa-0800200c9a66} FF Extension: DownloadHelper - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: DNS Cache - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\dnscache@dominik.jungowski.xpi FF Extension: FastestFox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\smarterwiki@wikiatic.com.xpi FF Extension: Google Translator for Firefox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\translator@zoli.bod.xpi FF Extension: RefControl - 
C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi FF Extension: Cookie Monster - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi FF Extension: NoScript - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: Web Developer - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi FF Extension: Download Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: Extended Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi FF Extension: Tab Mix Plus - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF Extension: Adblock Edge - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files 
(x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 Netzmanager Service; c:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3271496 2011-09-18] (O&O Software GmbH) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) 
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe [137224 2011-06-14] (Symantec Corporation) R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe [2591232 2011-06-17] (Symantec Corporation) S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\snac64.exe [324528 2011-06-17] (Symantec Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [28320 2011-10-25] () S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-07] () R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1029120 2010-08-24] (C-Media Inc) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-29] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-29] (Symantec Corporation) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\IPSDefs\20140103.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) 
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MEMSWEEP2; C:\Windows\system32\F892.tmp [6144 2009-06-18] (Sophos Plc) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140104.006\ENG64.SYS [126040 2013-10-30] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140104.006\EX64.SYS [2099288 2013-10-30] (Symantec Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-09-22] () R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-06] (Realtek Semiconductor Corporation ) S1 SAVRKBootTasks; C:\Windows\SysWow64\SAVRKBootTasks.sys [18816 2009-06-18] (Sophos Plc) R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSP64.SYS [745592 2011-05-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSPX64.SYS [40568 2011-05-27] (Symantec Corporation) S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\SyDvCtrl64.sys [29664 2011-06-17] (Symantec Corporation) R0 SymDS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMDS64.SYS [451192 2011-05-02] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMEFA64.SYS [928888 2011-05-17] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-09-16] (Symantec Corporation) R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\Ironx64.SYS [170104 2011-05-10] (Symantec 
Corporation) R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation) R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [147632 2013-09-16] (Symantec Corporation) R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [62136 2011-05-26] (Symantec Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation) S3 aswArKrn; \??\c:\Temp\aswArKrn.sys [x] S3 cpuz136; \??\c:\Temp\cpuz136\cpuz136_x64.sys [x] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-05 14:53 - 2014-01-05 14:53 - 00026510 _____ C:\Users\silversurfer\Desktop\FRST.txt 2014-01-05 14:52 - 2014-01-05 14:52 - 00000000 ____D C:\FRST 2014-01-05 14:51 - 2014-01-05 14:51 - 00000486 _____ C:\Users\silversurfer\Desktop\defogger_disable.log 2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable 2014-01-05 14:39 - 2014-01-05 14:39 - 00065817 _____ C:\Users\silversurfer\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2014-01-05 14:37 - 2014-01-05 14:37 - 00377856 _____ C:\Users\silversurfer\Desktop\gmer_2.1.19163.exe 2014-01-05 14:35 - 2014-01-05 14:35 - 00050477 _____ C:\Users\silversurfer\Desktop\Defogger.exe 2014-01-04 21:00 - 2014-01-04 21:00 - 01233962 _____ C:\Users\silversurfer\Desktop\adwcleaner.exe 2014-01-04 20:18 - 2014-01-04 20:18 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe 2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D 
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2014-01-04 16:22 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft Office 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2013-12-31 10:36 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-31 10:36 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-31 10:36 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-31 10:36 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-31 10:36 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-31 10:36 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-31 10:36 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-31 10:36 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-31 10:36 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-31 10:36 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-31 10:36 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-31 10:36 - 
2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-31 10:36 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-31 10:36 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-31 10:36 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-31 10:36 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-31 10:36 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-31 10:36 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-31 10:36 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-31 10:36 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-31 10:36 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-31 10:36 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-31 10:36 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-31 10:36 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-31 10:36 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-31 10:36 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-31 10:36 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-31 10:36 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-31 10:36 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-31 10:36 - 2013-11-26 07:33 - 
01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-31 10:36 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-30 12:43 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-30 12:43 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-30 12:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-30 12:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-30 12:37 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) 
C:\Windows\system32\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-30 12:25 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-12-30 12:25 - 
2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-12-30 11:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-30 11:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-30 11:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-30 11:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-30 11:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-30 11:08 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-30 11:08 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-30 11:08 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-30 11:08 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-30 11:08 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-30 11:08 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-30 11:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-12-30 11:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-12-30 11:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-12-30 11:08 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-30 11:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-12-30 11:08 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-30 11:08 - 2013-10-12 03:01 - 00216576 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-12-30 11:08 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-30 11:08 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-30 11:08 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-30 11:08 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-30 11:08 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-12-30 11:08 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-12-30 11:08 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-12-30 11:08 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-12-30 11:08 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-12-30 11:08 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-30 11:08 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-12-30 11:08 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-12-30 11:08 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-12-30 11:08 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-30 11:08 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-12-30 11:08 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-12-30 11:08 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-12-30 11:08 - 2013-09-25 03:26 - 
00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-12-30 11:08 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-12-30 11:08 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-12-30 11:08 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-12-30 11:08 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-12-30 11:08 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-12-30 11:08 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-12-30 11:08 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-12-30 11:08 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-12-30 11:08 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-12-30 11:08 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-12-30 11:08 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-12-30 11:08 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-12-30 11:08 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-12-29 20:32 - 2013-11-24 18:48 - 00001374 _____ C:\Users\silversurfer\Desktop\Windows 8.1 Pro x64.lnk 2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups 2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla ==================== One Month Modified Files and Folders ======= 2014-01-05 14:53 - 2014-01-05 14:53 - 00026510 _____ C:\Users\silversurfer\Desktop\FRST.txt 2014-01-05 14:52 - 2014-01-05 14:52 
- 00000000 ____D C:\FRST 2014-01-05 14:51 - 2014-01-05 14:51 - 00000486 _____ C:\Users\silversurfer\Desktop\defogger_disable.log 2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable 2014-01-05 14:51 - 2011-11-25 17:15 - 00000000 ____D C:\Users\silversurfer 2014-01-05 14:39 - 2014-01-05 14:39 - 00065817 _____ C:\Users\silversurfer\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2014-01-05 14:37 - 2014-01-05 14:37 - 00377856 _____ C:\Users\silversurfer\Desktop\gmer_2.1.19163.exe 2014-01-05 14:35 - 2014-01-05 14:35 - 00050477 _____ C:\Users\silversurfer\Desktop\Defogger.exe 2014-01-05 14:06 - 2011-11-25 21:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\AIMP 2014-01-05 14:01 - 2011-12-12 16:15 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Notepad++ 2014-01-05 13:58 - 2011-11-26 17:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\vlc 2014-01-05 12:59 - 2012-07-09 13:54 - 01821290 ____N C:\Windows\WindowsUpdate.log 2014-01-05 11:38 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-05 11:38 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-05 11:31 - 2013-06-25 21:24 - 00003246 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart 2014-01-05 11:30 - 2011-12-21 09:46 - 01555894 _____ C:\Windows\system32\oodbs.lor 2014-01-05 11:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-04 22:56 - 2013-01-06 11:52 - 00000000 ____D C:\Users\silversurfer\.rs 2014-01-04 21:00 - 2014-01-04 21:00 - 01233962 _____ C:\Users\silversurfer\Desktop\adwcleaner.exe 2014-01-04 20:18 - 2014-01-04 20:18 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe 2014-01-04 18:28 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat 2014-01-04 18:28 - 2011-04-12 08:43 - 00149572 _____ 
C:\Windows\system32\perfc007.dat 2014-01-04 18:28 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-04 18:22 - 2011-12-01 11:14 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic 2014-01-04 18:05 - 2011-11-25 21:56 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-04 18:05 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2014-01-04 18:01 - 2013-08-18 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2014-01-04 16:25 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew 2014-01-04 16:25 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Office 2014-01-04 16:23 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2014-01-04 16:22 - 2011-11-25 21:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2014-01-04 16:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2014-01-03 22:12 - 2013-08-27 17:17 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Media Player Classic 2014-01-03 22:12 - 2011-11-25 17:09 - 00000000 ____D C:\Windows\Panther 2014-01-02 21:50 - 2013-04-21 10:49 - 00000000 ____D C:\Program Files 
(x86)\JDownloader 2 2013-12-31 13:23 - 2011-11-29 16:54 - 00000000 ____D C:\Users\silversurfer\Documents\Snagit 2013-12-31 10:36 - 2011-11-25 18:37 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-12-30 16:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-30 12:50 - 2011-11-25 17:16 - 00001425 _____ C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-30 12:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 
00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) 
C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-30 12:29 - 2013-07-27 20:34 - 00000000 ____D C:\Windows\system32\MRT 2013-12-30 10:59 - 2013-04-28 22:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-12-30 10:56 - 2012-04-05 08:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-30 10:56 - 2011-11-28 21:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-29 20:37 - 2011-11-25 22:51 - 00000000 ____D C:\Users\silversurfer\.VirtualBox 2013-12-29 20:27 - 2011-11-25 18:39 - 00000000 ____D C:\Program Files\CCleaner 2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups 2013-12-29 20:03 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\CSC 2013-12-29 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Msdtc 2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla ==================== 
Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 12:15
==================== End Of Log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by silversurfer at 2014-01-05 14:53:45
Running from C:\Users\silversurfer\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
888poker (x32 Version: - )
Abloadtool (x32 Version: - Tim Demkowsky)
abylon EXIF-CLEANER 2013 (x32 Version: 2013 - abylonsoft)
ACDSee 16 (x32 Version: 16.1.88 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.8 - Adobe Systems)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.149 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.00 (x32 Version: 2.00 - FinalWire Ltd.)
AIMP2 (x32 Version: - AIMP DevTeam)
AIMP2: Audio Tools (x32 Version: - AIMP DevTeam)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
ANNO 1404 - Venedig (x32 Version: 2.0.5008.0 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 1404 (x32 Version: 1.02.0000 - Ubisoft)
ANNO 2070 (x32 Version: 1.0.0.0 - Ubisoft)
AnVir Task Manager (x32 Version: 6.3.1 - AnVir Software)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
Battlefield 4™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.0 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.00.0000 - 2K Games)
CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.)
Hidden CCleaner (Version: 4.08 - Piriform) CheshireCat's One Click Thumbnailer (x32 Version: 1.00.0000 - CheshireCat) dBpoweramp [Calculate Audio CRC] Codec (x32 Version: - ) dBpoweramp Dalet Codec (x32 Version: - ) dBpoweramp DSP Effects (x32 Version: Release 6 - Illustrate) dBpoweramp FLAC Codec (x32 Version: Release 12 (FLAC 1.2.1) - Illustrate) dBpoweramp Monkeys Audio Codec (x32 Version: - ) dBpoweramp Mp2 and BwfMp2 codec (x32 Version: - ) dBpoweramp mp3 (Fraunhofer IIS) Codec (x32 Version: Release 2a (v4.0.3) - Illustrate) dBpoweramp Music Converter (x32 Version: Release 14 - Illustrate) dBpoweramp Ogg Vorbis Codec (x32 Version: Release 19 (Vorbis v1.2.0) - Illustrate) dBpoweramp Real Audio (Helix) Encoder (x32 Version: - ) dBPoweramp tooLame MP2 codec (x32 Version: - ) dBpoweramp Wave64 Codec (x32 Version: - ) dBpoweramp WavPack Codec (x32 Version: - ) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version: - Microsoft) DivX-Setup (x32 Version: 2.6.1.44 - DivX, LLC) Driver Genius (x32 Version: 12.0 - Driver-Soft Inc.) DX10 (x32 Version: - Image-Line) Edison (x32 Version: - Image-Line bvba) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB) F1 2013 German (x32 Version: 1 - ) FIFA 14 Ultimate Edition MULTI-14 1.2.0 (x32 Version: - ) Filters Unlimited 2.0 (x32 Version: - ) Flash Player Pro V5.6 (x32 Version: - FlashPlayerPro.com) Full Tilt Poker.Eu (x32 Version: 4.55.4.WIN.FullTilt.EU - ) GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1 - GEAR Software, Inc.) GetDataBack for NTFS (x32 Version: 4.22.000 - Runtime Software) Google Earth (x32 Version: 7.0.2.8415 - Google) Google Update Helper (x32 Version: 1.3.21.79 - Google Inc.) 
Hidden Helium Music Manager 9.3 (x32 Version: 9.3.0.11570 - Imploded Software) ID3-TagIT 3 (x32 Version: 3 - Michael Pluemper) IL Download Manager (x32 Version: - Image-Line) IL DrumSynth Live (x32 Version: - Image-Line) IL Slicex (x32 Version: - Image-Line) Index.dat Analyzer v2.5 (x32 Version: 2.5 - Systenance Software) Java 7 Update 25 (x32 Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden JDownloader 2 (x32 Version: 2 - AppWork GmbH) K-Lite Codec Pack 10.0.0 Full (x32 Version: 10.0.0 - ) Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech) MAGIX Video Pro X3 Download-Version (x32 Version: 10.0.12.2 - MAGIX AG) MAGIX Video Pro X3 Download-Version (x32 Version: 10.0.12.2 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) MediaInfo 0.7.64 (Version: 0.7.64 - MediaArea.net) MegaTrainer eXperience V1.0.0.5 (x32 Version: - ) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Baseline Security Analyzer 2.2 (Version: 2.2.2170 - Microsoft Corporation) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - 
Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 
- Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MixMeister Fusion Demo 7.4.4 (x32 Version: - MixMeister Technology LLC) Mozilla Firefox 12.0 (x86 de) (x32 Version: 12.0 - Mozilla) MSU Screen Capture Lossless Codec v1.2 (Remove Only) (x32 Version: - ) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) MyPhoneExplorer (x32 Version: 1.8.5 - F.J. 
Wechselberger) Nero 7 Ultra Edition (x32 Version: 7.02.9753 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NetSpeedMonitor 2.5.4.0 x64 (Version: 2.5.4.0 - Florian Gilles) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Notepad++ (x32 Version: 5.9.6.2 - ) O&O Defrag Professional (Version: 15.0.73 - O&O Software GmbH) OpenAL (x32 Version: - ) Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA) Oracle VM VirtualBox 4.2.16 (Version: 4.2.16 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PC Tools Registry Mechanic 11.0 (x32 Version: 11.0 - PC Tools) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden QuickSFV (Remove only) (Version: - ) RapidShare Manager 2 (x32 Version: 2 - RapidShare AG) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) SimSynth (x32 Version: - Image-Line) Snagit 10.0.1 (x32 Version: 10.0.1 - TechSmith Corporation) Sophos Anti-Rootkit 1.5.0 (x32 Version: 1.5.0 - Sophos Plc) SpeedCommander 14 (x64) (Version: 14.61.7350 - SWE Sven Ritter) Spybot - Search & Destroy (x32 Version: 2.0.12 - Safer-Networking Ltd.) Stardock Software (x32 Version: 1.00 - Stardock Corporation) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) SurfMusik 3.1a (x32 Version: 3.1a - Marcus Schmitt) Symantec Endpoint Protection (Version: 12.1.671.4971 - Symantec Corporation) Theatron Agrippa (Version: - ) TMPGEnc 4.0 XPress (x32 Version: 4.7.7.307 - Pegasys, Inc.) 
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) Hidden UltraISO Premium V9.52 (x32 Version: - ) Universal Adb Driver (x32 Version: 1.0.0 - ClockworkMod) Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version: - Microsoft) Update for 
Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN) WaveLab 6 (x32 Version: 6.1.0.340 - Steinberg) 
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation) WinPcap 4.1.3 (x32 Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH) Wireshark 1.10.2 (64-bit) (x32 Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org) Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team) ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Security (x32 Version: 11.0.000.504 - Check Point Software Technologies Ltd.) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2013-04-18 11:18 - 2013-10-07 20:55 - 00002374 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 support.apowersoft.com 127.0.0.1 activate.adobe.com 127.0.0.1 flashfxp.com 127.0.0.1 flashfxp.org 127.0.0.1 flashfxp.ws 127.0.0.1 www.flashfxp.com 127.0.0.1 www.flashfxp.org 127.0.0.1 www.flashfxp.ws 127.0.0.1 liveupdate.inicom.net/verify.php 127.0.0.1 liveupdate.inicom.net 127.0.0.1 liveupdate.flashfxp.com 127.0.0.1 update.inicom.net 127.0.0.1 update.flashfxp.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na2m-pr.licenses.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com There are 22 more lines. 
==================== Scheduled Tasks (whitelisted) ============= Task: {239DFFB1-C095-431C-A56A-A32D753967B1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {2F219821-3EFD-46F2-B2F1-EF3C8F9DA243} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {301B41BB-6EDA-439E-AB42-21E53825839A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {3DA2EAB6-3FC4-4FC1-B4C3-F1234CB10806} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {6C15BA14-B28B-4A72-9AA8-B3F8DA262C67} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {859DF0C7-B0E0-46EB-B33A-4FD7E4A6E688} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\Update.exe [2011-10-25] (PC Tools) Task: {9AD9E316-3CFD-4D30-A8C2-3D8B57F94B60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {A978F501-9BDA-49BB-8742-D033DA5ADD13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {AE98D1D1-EB09-4A5B-B62E-B9CB67C6EAF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {B4DC2474-F865-4FB3-8018-AF8BCDE045C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {B5DE482C-65DA-4B03-B070-C62F531D9457} - 
System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {B6A272BA-0A0F-4CD1-A924-8135C83670DB} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2011-10-25] (FinalWire Ltd.) Task: {B7AAAC85-A9C9-4ED5-92A7-13474FB08AC8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software) Task: {BE60BFCF-1F31-42D7-840C-9D5F600A1C73} - System32\Tasks\AdobeAAMUpdater-1.0-marcel-silversurfer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {EDB5A878-417B-415B-AA7C-056E0B779FA1} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-10-25] (PC Tools) Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-01 11:28 - 2010-09-22 21:20 - 00776704 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2011-06-14 17:10 - 2011-06-14 17:10 - 00115200 _____ () C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll 2011-07-18 22:04 - 2011-07-18 22:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-07-19 12:55 - 2013-07-19 12:55 - 01421480 _____ () C:\Program 
Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2013-10-17 11:25 - 2013-10-17 11:25 - 00170664 _____ () C:\Program Files\Microsoft Office\Office15\OUTLCTL.DLL 2013-04-28 22:31 - 2012-11-13 13:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-04-28 22:31 - 2012-11-13 13:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-04-28 22:31 - 2012-11-13 13:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-04-28 22:31 - 2012-08-23 08:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-04-28 22:31 - 2012-11-13 13:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2011-12-01 11:28 - 2010-10-01 02:50 - 00675840 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll 2013-04-28 22:31 - 2012-11-13 13:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl 2011-12-01 11:28 - 2011-12-01 11:31 - 00807936 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll 2011-12-01 11:28 - 2010-03-09 22:58 - 00053760 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll 2013-12-29 20:11 - 2013-12-29 20:12 - 01952696 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-12-30 10:56 - 2013-12-30 10:56 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: 
==================
Error: (01/05/2014 02:27:02 PM) (Source: Symantec AntiVirus) (User: marcel)
Description: SYMANTEC MANIPULATIONSSCHUTZ WARNMELDUNG
Ziel: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
Ereignisinfo: Erstellen Vorgang
Durchgeführte Aktion: Blockiert
Angreifender Prozess: C:\PROGRAM FILES\LOGITECH\SETPOINTP\SETPOINT.EXE (PID 380)
Zeit: Sonntag, 5. Januar 2014 14:27:02

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/05/2014 02:27:02 PM) (Source: Symantec AntiVirus)(User: marcel)
Description: SYMANTEC MANIPULATIONSSCHUTZ WARNMELDUNG
Ziel: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
Ereignisinfo: Erstellen Vorgang
Durchgeführte Aktion: Blockiert
Angreifender Prozess: C:\PROGRAM FILES\LOGITECH\SETPOINTP\SETPOINT.EXE (PID 380)
Zeit: Sonntag, 5. Januar 2014 14:27:02

CodeIntegrity Errors:
===================================
Date: 2014-01-05 11:36:43.141
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-05 11:30:41.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 18:42:01.960
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 18:22:03.873
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 18:12:01.804
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 15:47:47.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 15:40:15.332
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 12:25:42.959
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 11:59:35.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-04 10:13:28.184
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 70%
Total physical RAM: 4095.05 MB
Available physical RAM: 1211.3 MB
Total Pagefile: 8188.29 MB
Available Pagefile: 4558.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:186.21 GB) (Free:125.88 GB) NTFS
Drive e: (Laufwerk) (Fixed) (Total:931.51 GB) (Free:219.62 GB) NTFS
Drive k: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 68666768)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 5906C79D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)
==================== End Of Log ============================