
Log analysis and evaluation: Can someone take a look at my Hijack

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

13.02.2014, 18:59   #1
Kross
 



Hi everyone,

can someone take a look at my Hijack? Lately it has seemed a bit odd to me.
I keep getting virus warnings about phishing sites, but these are normal sites that I use anyway. When I try to go back a page in my browser, I mostly get a blank page, and there is a grey triangle with an exclamation mark in the address bar.
Even when logging in to Amazon, a porn site suddenly opened.

My details:

Windows 7 64 bit
Mozilla Firefox
Adblockplus plugin
Gdata Internetsecurity
Spybot (malware)


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:32, on 13.02.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
D:\Spiele\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
C:\Users\deLepsch\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP22&ocid=UP22DHP&dt=050213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX535WD" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-3090087461-1257865367-1472158643-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3090087461-1257865367-1472158643-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\deLepsch\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:\Program Files\EslWire\service\WireHelperSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13715 bytes


Thx 4 Help

13.02.2014, 19:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Reading material:
Please do not post HijackThis logfiles!!!


Quote from Larusso:
We are aware that HijackThis is probably one of the best-known analysis tools.
However, it now scans only very superficially and gives us too little information for a thorough analysis of your system.

Therefore, please do not post HijackThis logfiles; instead read and work through the following.

http://www.trojaner-board.de/69886-a...-beachten.html

Only with this information can we help you.

Thanks




Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they found anything?

I'm asking because => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs you already have, in CODE tags!
Only logs from the last 7 days, or since the problem began, are relevant!




In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box)



Reading material:
Posting in CODE tags
Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
  • Select the entire logfile (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

14.02.2014, 19:51   #3
Kross
 



Ok, thank you,

Spybot log

Code:
Search results from Spybot - Search & Destroy

03.02.2014 17:25:21
Scan took 00:28:35.
19 items found.

Anchor.Hss: [SBI $BCFD591B] Program directory (Directory, nothing done)
  C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome.manifest
  Directory.subfile.size=1495
  Directory.subfile.md5=0983C4BD14398371DA9E08AD9E9B47B9
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\install.rdf
  Directory.subfile.size=1095
  Directory.subfile.md5=04D4AF7573CCC1EA1E32A4E6A0A70F4B
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.xpt
  Directory.subfile.size=250
  Directory.subfile.md5=1A88B7A8247FD7BFCC10C8785184B650
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\skin\overlay.css
  Directory.subfile.size=88
  Directory.subfile.md5=D70B936AA5A6028C0DE1061FF0979844
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content\afurlhelper.js
  Directory.subfile.size=18768
  Directory.subfile.md5=B6717BCF7BC31BF3719E1486A4719965
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content\afurlhelper_comp.js
  Directory.subfile.size=863
  Directory.subfile.md5=007112BDCFC1E9311753B89834CEA777
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content\overlay.js
  Directory.subfile.size=841
  Directory.subfile.md5=C66678937E0ED12CCAFB411F71C8161C
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\chrome\content\overlay.xul
  Directory.subfile.size=526
  Directory.subfile.md5=0B4F542F4DB718A390AC57C7038584D4
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\defaults\preferences\prefs.js
  Directory.subfile.size=467
  Directory.subfile.md5=8C6B8F73312F4675CAF90DAC20B2A6DD
  Directory.subfile.filedate=1386428205
  Directory.subfile.filedatetext=2013-12-07 15:56:45
  Directory.subfile=C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\locale\en-US\overlay.dtd
  Directory.subfile.size=39
  Directory.subfile.md5=22B142E4421716DA2BE655F18444E67B
  Directory.subfile.filedate=1365787766
  Directory.subfile.filedatetext=2013-04-12 18:29:26

Anchor.Hss: [SBI $42E36586] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\AnchorFree

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\OCS\lastPID

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\OCS\PID

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $99432203] Open with list - .CFG extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3090087461-1257865367-1472158643-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (1967) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (6) (Browser: History, nothing done)
  


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-07-10 SDWelcome.exe (2.1.21.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-09-12 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-01-08 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-01-29 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-01-08 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-14 Includes\Malware-C.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-01-29 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-01-15 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-01-29 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
         


Gdata Log

Code:
Phishingprüfung von Web-Seiten

Adresse:     hxxp://euwfb.adsrvr.org/bid/feedback/appnexus?iid=da979fbd-b34f-45c4-9dd7-7e3d86fc3ded&aid=5997435357155026082&wp=0.7&sfe=5338eeb&puid=&tdid=&pid=qs17xyb&ag=2jwt07s&crid=hrz9sh4u&fq=0&td_s=esl.eu&rcats=jba,z2d&mcat=&mste=&mfld=3&mssi=&mfsi=avsztd6&uhow=97&agsa=0x449EB5C1&rgco=Germany&rgre=Hessen&rgme=0&rgci=Frankfurt&svbttd=1&dt=PC&osf=Windows&os=Windows7&br=Firefox&rlangs=de,en&mlang=&svpid=1538&did=&dur=
Status:     Der Zugriff wurde verweigert.
         
Frst.txt log

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by deLepsch at 2014-02-13 22:11:51
Running from C:\Users\deLepsch\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Battlefield 3™ (x32 Version: 1.4.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.1.2 - EA Digital Illusions CE AB)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (x32 Version:  - )
Call of Duty: Ghosts (x32 Version:  - Infinity Ward)
CCleaner (Version: 4.05 - Piriform)
Counter-Strike: Global Offensive (x32 Version:  - )
Counter-Strike: Source (x32 Version:  - Valve)
Creative 3DMIDI Player (x32 Version: 1.11 - Creative Technology Limited)
Creative ALchemy (x32 Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (x32 Version: 3.00 - Creative Technology Limited)
Creative Konsole Starter (x32 Version: 2.61 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (x32 Version: 2.80.12 - Creative Labs)
Creative Media Toolbox 6 (x32 Version: 6.02 - Creative Technology Limited)
Creative MediaSource 5 (x32 Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (x32 Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02 - Creative Technology Limited)
Creative WaveStudio 7 (x32 Version: 7.14 - Creative Technology Limited)
Creative-Diagnose (x32 Version: 5.11 - Creative Technology Limited)
DivX-Setup (x32 Version: 2.6.1.9 - DivX, LLC)
Dolby Digital Live Pack (x32 Version: 3.00 - Creative Technology Limited)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Download Navigator (x32 Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DTS Connect Pack (x32 Version: 1.00 - Creative Technology Limited)
EPSON BX535WD Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESL Wire 1.17.3 (Version:  - Turtle Entertainment GmbH)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
EVEREST Ultimate Edition v5.50 (x32 Version: 5.50 - Lavalys, Inc.)
Far Cry 3 (x32 Version: 1.03 - Ubisoft)
Free YouTube to MP3 Converter version 3.12.10.812 (x32 Version: 3.12.10.812 - DVDVideoSoft Ltd.)
G Data InternetSecurity 2014 (x32 Version: 24.0.3.4 - G Data Software AG)
Hotspot Shield 2.91 (x32 Version: 2.91 - AnchorFree Inc.)
iCloud (Version: 2.1.2.8 - Apple Inc.)
ICQ7M (x32 Version: 7.8 - ICQ)
iDevice Manager (x32 Version: 2.3.0.3 - Marx Softwareentwicklung)
iExplorer 3.2.5.2 (x32 Version:  - Macroplant LLC)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSI Afterburner 2.3.1 (x32 Version: 2.3.1 - MSI Co., LTD)
MSI Kombustor 2.5.0 (x32 Version:  - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (x32 Version:  - Nero AG)
Nero BurningROM (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero BurnRights (x32 Version: 2.99.6.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.0.5.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.0.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 1.53.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.0.0.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 4.99.5.105 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 3.99.5.105 - Nero AG) Hidden
Nero Express (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero InfoTool (x32 Version: 5.99.5.105 - Nero AG) Hidden
Nero Installer (x32 Version: 2.0.0.1 - Nero AG) Hidden
Nero Live (x32 Version: 1.0.164.0 - Nero AG) Hidden
Nero Live Help (x32 Version: 1.0.162.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Recode Help (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero RescueAgent Help (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 4.99.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.0.9.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero Vision (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero Vision (x32 Version: 6.0.6.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.0.18.0 - Nero AG) Hidden
Nero WaveEditor Help (x32 Version: 5.0.15.0 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.0.9.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.0.9.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 306.23 (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.0.13.2142 - Electronic Arts, Inc.)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Skype™ 6.3 (x32 Version: 6.3.105 - Skype Technologies S.A.)
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
Spybot - Search & Destroy (x32 Version: 2.1.21 - Safer-Networking Ltd.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Uplay (x32 Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (x32 Version:  - Elaborate Bytes)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)
Winamp (x32 Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

11-02-2014 13:01:01 Windows Update
13-02-2014 17:42:46 Windows Update
13-02-2014 18:37:49 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-02 17:40 - 00450799 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100888290cs.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {03F8CE04-5E78-4C8F-AA16-45C3E269FE86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {1D6EFB01-D0EA-40C2-9CD5-6D93259FAFEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {1DC58D40-0AEA-4FB4-8E65-001AEEE0787D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {54DABF6C-178A-46AC-8347-8BF0A456F8A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F04EC574-31D8-489C-A1E0-B631EB8BE603} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F66824E1-886D-4251-8031-7D472BA42141} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-10-29 11:08 - 2012-10-29 11:08 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
2012-10-29 11:08 - 2012-10-29 11:08 - 00236032 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
2012-10-29 11:08 - 2014-01-27 20:02 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 11:08 - 2014-01-27 20:02 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2012-10-29 11:08 - 2014-01-27 20:02 - 00565224 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-01-11 20:35 - 2014-01-11 20:35 - 00243712 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2013-10-05 14:46 - 2014-01-27 20:02 - 00700904 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00092072 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\hl2.exe
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 19:35 - 2013-04-12 19:35 - 00705832 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-04-12 19:36 - 2013-04-12 19:36 - 00390440 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2012-10-06 18:45 - 2012-12-15 17:23 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-12 16:20 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-12 16:20 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-12 16:20 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-12 16:20 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-12 16:20 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-08-11 16:00 - 2011-08-11 16:00 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL
2012-07-08 21:30 - 2009-06-29 09:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-02-05 19:29 - 2014-02-05 19:29 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-04 21:47 - 2014-02-04 21:47 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2014-01-11 16:46 - 2013-12-12 23:19 - 00142848 _____ () D:\Spiele\libavresample-1.dll
2014-01-11 16:46 - 2013-11-05 02:12 - 00890592 _____ () D:\Spiele\libavutil-52.dll
2013-03-12 17:10 - 2014-01-11 00:33 - 00717312 _____ () D:\Spiele\SDL2.dll
2012-09-16 12:22 - 2014-01-27 20:02 - 01138088 _____ () D:\Spiele\bin\chromehtml.DLL
2012-09-16 12:22 - 2014-01-11 00:33 - 20625832 _____ () D:\Spiele\bin\libcef.dll
2012-09-16 12:22 - 2013-06-15 00:49 - 01100800 _____ () D:\Spiele\bin\avcodec-53.dll
2012-09-16 12:22 - 2013-06-15 00:49 - 00124416 _____ () D:\Spiele\bin\avutil-51.dll
2012-09-16 12:22 - 2013-06-15 00:49 - 00192000 _____ () D:\Spiele\bin\avformat-53.dll
2014-02-13 19:16 - 2014-02-13 19:16 - 00155232 ___HT () C:\Users\deLepsch\AppData\Local\Temp\~7ED.tmp
2013-10-02 14:16 - 2013-10-02 14:16 - 00164264 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\launcher.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00265640 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\tier0.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00176552 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\vstdlib.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00701352 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\filesystem_stdio.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 04388776 _____ () d:\spiele\steamapps\common\counter-strike source\bin\engine.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00109480 _____ () d:\spiele\steamapps\common\counter-strike source\bin\inputsystem.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00675840 _____ () d:\spiele\steamapps\common\counter-strike source\bin\SDL2.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 01215912 _____ () d:\spiele\steamapps\common\counter-strike source\bin\materialsystem.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00239528 _____ () d:\spiele\steamapps\common\counter-strike source\bin\datacache.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00578472 _____ () d:\spiele\steamapps\common\counter-strike source\bin\studiorender.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00971176 _____ () d:\spiele\steamapps\common\counter-strike source\bin\vphysics.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00097192 _____ () d:\spiele\steamapps\common\counter-strike source\bin\video_services.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 01421224 _____ () d:\spiele\steamapps\common\counter-strike source\bin\vguimatsurface.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00357800 _____ () d:\spiele\steamapps\common\counter-strike source\bin\vgui2.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 01676712 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\shaderapidx9.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00124328 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\video_quicktime.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00108456 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\video_bink.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00214440 _____ () d:\spiele\steamapps\common\counter-strike source\bin\stdshader_dbg.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00295336 _____ () d:\spiele\steamapps\common\counter-strike source\bin\stdshader_dx6.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00226216 _____ () d:\spiele\steamapps\common\counter-strike source\bin\stdshader_dx7.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00413096 _____ () d:\spiele\steamapps\common\counter-strike source\bin\stdshader_dx8.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00610728 _____ () d:\spiele\steamapps\common\counter-strike source\bin\stdshader_dx9.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 00877056 _____ () d:\spiele\steamapps\common\counter-strike source\bin\chromehtml.dll
2013-04-16 19:06 - 2013-04-16 19:16 - 20321192 _____ () d:\spiele\steamapps\common\counter-strike source\bin\libcef.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00070056 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\unicode.dll
2013-04-16 19:06 - 2013-04-16 19:16 - 01101240 _____ () d:\spiele\steamapps\common\counter-strike source\bin\avcodec-53.dll
2013-04-16 19:16 - 2013-04-16 19:16 - 00124856 _____ () d:\spiele\steamapps\common\counter-strike source\bin\avutil-51.dll
2013-04-16 19:16 - 2013-04-16 19:16 - 00192440 _____ () d:\spiele\steamapps\common\counter-strike source\bin\avformat-53.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 06193064 _____ () d:\spiele\steamapps\common\counter-strike source\cstrike\bin\client.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 05827496 _____ () d:\spiele\steamapps\common\counter-strike source\cstrike\bin\server.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00130984 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\soundemittersystem.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00078760 _____ () D:\Spiele\steamapps\common\Counter-Strike Source\bin\scenefilecache.dll
2013-10-02 14:14 - 2013-10-02 14:16 - 02144680 _____ () d:\spiele\steamapps\common\counter-strike source\bin\GameUI.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00075176 _____ () d:\spiele\steamapps\common\counter-strike source\bin\vaudio_miles.dll
2013-04-16 19:16 - 2013-04-16 19:16 - 00071680 _____ () d:\spiele\steamapps\common\counter-strike source\bin\mssmp3.asi
2013-04-16 19:16 - 2013-04-16 19:16 - 00153088 _____ () d:\spiele\steamapps\common\counter-strike source\bin\mssvoice.asi
2013-04-16 19:16 - 2013-04-16 19:16 - 00013312 _____ () d:\spiele\steamapps\common\counter-strike source\bin\mssds3d.flt
2013-04-16 19:16 - 2013-04-16 19:16 - 00055808 _____ () d:\spiele\steamapps\common\counter-strike source\bin\msseax.flt
2013-10-02 14:14 - 2013-10-02 14:16 - 00932264 _____ () d:\spiele\steamapps\common\counter-strike source\bin\serverbrowser.dll
2013-10-02 14:16 - 2013-10-02 14:16 - 00171432 _____ () d:\spiele\steamapps\common\counter-strike source\bin\vaudio_speex.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^deLepsch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Spiele\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2014 07:00:58 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "Windows Workflow Foundation 4.0.0.0" (Windows Workflow Foundation 4.0.0.0). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "Windows Workflow Foundation 4.0.0.0" (Windows Workflow Foundation 4.0.0.0). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2014 07:00:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2014 07:00:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "MSDTC Bridge 4.0.0.0" (MSDTC Bridge 4.0.0.0). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/13/2014 07:00:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/13/2014 07:00:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: deLepsch-PC)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (02/13/2014 06:55:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2843630)

Error: (02/13/2014 06:55:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2862973)

Error: (02/13/2014 06:11:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/13/2014 06:11:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/12/2014 05:33:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/12/2014 05:33:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/12/2014 00:00:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/12/2014 00:00:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/12/2014 11:42:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/12/2014 11:42:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 4094.49 MB
Available physical RAM: 1203.58 MB
Total Pagefile: 8187.16 MB
Available Pagefile: 4198.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.85 GB) (Free:50.85 GB) NTFS
Drive d: () (Fixed) (Total:449.22 GB) (Free:289.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: DD617AE9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=147 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         



Addition Log


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by deLepsch (administrator) on DELEPSCH-PC on 13-02-2014 22:10:58
Running from C:\Users\deLepsch\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) D:\Spiele\Steam.exe
() D:\Spiele\steamapps\common\Counter-Strike Source\hl2.exe
(Valve Corporation) D:\Spiele\GameOverlayUI.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3090087461-1257865367-1472158643-1001\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3090087461-1257865367-1472158643-1001\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3090087461-1257865367-1472158643-1001\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3090087461-1257865367-1472158643-1001\...\MountPoints2: {6b9c3688-1e2d-11e3-89e6-001a4d63d07e} - F:\StartCD.exe
HKU\S-1-5-21-3090087461-1257865367-1472158643-1001\...\MountPoints2: {a9cdee62-c930-11e1-8a65-001a4d63d07e} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\Run: [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd)
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3090087461-1257865367-1472158643-1003\...\MountPoints2: {a9cdee62-c930-11e1-8a65-001a4d63d07e} - F:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP22&ocid=UP22DHP&dt=050213
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x120C6CF33B5DCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\deLepsch\AppData\Roaming\Mozilla\Firefox\Profiles\l4nvmf6k.default
FF SearchEngineOrder.3: Bing 
FF Homepage: google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=050213&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\deLepsch\AppData\Roaming\Mozilla\Firefox\Profiles\l4nvmf6k.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\deLepsch\AppData\Roaming\Mozilla\Firefox\Profiles\l4nvmf6k.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-23]
FF Extension: Adblock Plus - C:\Users\deLepsch\AppData\Roaming\Mozilla\Firefox\Profiles\l4nvmf6k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-02]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-05]

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [555304 2013-04-12] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-04-12] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [390440 2013-04-12] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2013-11-27] (<Turtle Entertainment>)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-10-03] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-10-03] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-10-03] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-12-05] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-11-23] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-10-03] (G Data Software AG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46280 2013-04-12] (AnchorFree Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-10] (Anchorfree Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-13 22:10 - 2014-02-13 22:11 - 00016674 _____ () C:\Users\deLepsch\Downloads\FRST.txt
2014-02-13 22:10 - 2014-02-13 22:10 - 02152960 _____ (Farbar) C:\Users\deLepsch\Downloads\FRST64.exe
2014-02-13 22:10 - 2014-02-13 22:10 - 00000000 ____D () C:\FRST
2014-02-13 22:08 - 2014-02-13 22:08 - 00001153 _____ () C:\Users\deLepsch\Desktop\Continue Zip Extractor Installation.lnk
2014-02-13 21:35 - 2014-02-13 21:36 - 00000000 ____D () C:\Users\deLepsch\Desktop\v
2014-02-13 21:34 - 2014-02-13 21:34 - 00000000 _____ () C:\Users\deLepsch\Desktop\Neues Textdokument.txt
2014-02-13 19:11 - 2014-02-13 19:11 - 00017366 _____ () C:\Windows\PFRO.log
2014-02-13 18:56 - 2014-02-13 18:56 - 00013717 _____ () C:\Users\deLepsch\Downloads\hijackthis.log
2014-02-13 18:56 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-13 18:56 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-13 18:56 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-13 18:56 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-13 18:55 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-13 18:55 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-13 18:55 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-13 18:55 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-13 18:55 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-13 18:55 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-13 18:55 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-13 18:55 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-13 18:55 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-13 18:55 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-13 18:55 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-13 18:55 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-13 18:55 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-13 18:55 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-13 18:44 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 18:44 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 18:43 - 2014-02-13 18:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\deLepsch\Downloads\HiJackThis204.exe
2014-02-13 18:43 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 18:43 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 18:43 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 18:43 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 18:43 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 18:43 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 18:43 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 18:43 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 18:43 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 18:43 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 18:43 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 18:43 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 18:43 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 18:43 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 18:43 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 18:43 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 18:43 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 18:43 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 18:43 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 18:43 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 18:43 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 18:43 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 18:43 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 18:43 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 18:43 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 18:43 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 18:43 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 18:43 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 18:43 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 18:43 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 18:43 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 18:43 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 18:43 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 18:43 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 18:43 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 18:43 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 18:43 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 18:43 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 18:43 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 18:42 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 18:42 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 18:42 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 18:42 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 18:42 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 18:42 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 18:42 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 18:42 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 18:42 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 18:42 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 18:42 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 18:42 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 18:42 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 18:42 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 18:42 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 18:42 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 18:42 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 18:42 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 18:42 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 18:42 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 18:42 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 18:42 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 18:42 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 18:42 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 18:42 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 18:42 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 18:42 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 18:42 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 18:42 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-13 18:42 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-13 01:18 - 2014-02-13 01:18 - 00001080 _____ () C:\Windows\system32\settingsbkup.sfm
2014-02-13 01:18 - 2014-02-13 01:18 - 00001080 _____ () C:\Windows\system32\settings.sfm
2014-02-12 11:47 - 2014-02-12 11:47 - 00610961 _____ () C:\Users\deLepsch\Downloads\Outlook(1).zip
2014-02-12 11:47 - 2014-02-12 11:47 - 00400533 _____ () C:\Users\deLepsch\Downloads\Outlook(2).zip
2014-02-12 11:47 - 2014-02-12 11:47 - 00341580 _____ () C:\Users\deLepsch\Downloads\Outlook.zip
2014-02-10 21:33 - 2014-02-10 21:34 - 09818192 _____ () C:\Users\deLepsch\ts3_recording_14_02_10_21_33_36.wav
2014-02-09 03:59 - 2014-02-09 04:00 - 09910864 _____ () C:\Users\deLepsch\ts3_recording_14_02_09_3_59_28.wav
2014-02-09 02:48 - 2014-02-13 19:12 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-02-09 02:38 - 2014-02-09 02:38 - 00282664 _____ () C:\Windows\Minidump\020914-25100-01.dmp
2014-02-08 23:59 - 2014-02-08 23:59 - 00290584 _____ () C:\Windows\Minidump\020814-16723-01.dmp
2014-02-07 21:08 - 2014-02-07 21:08 - 08129352 _____ () C:\Users\deLepsch\Downloads\de_nuke.zip
2014-02-07 18:31 - 2014-02-07 18:31 - 00282288 _____ () C:\Windows\Minidump\020714-25287-01.dmp
2014-02-07 16:46 - 2014-02-09 02:38 - 536594368 _____ () C:\Windows\MEMORY.DMP
2014-02-07 16:46 - 2014-02-07 16:46 - 00281800 _____ () C:\Windows\Minidump\020714-15069-01.dmp
2014-02-05 19:29 - 2014-02-05 19:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 19:20 - 2014-02-05 20:30 - 00010270 _____ () C:\Users\deLepsch\Desktop\config.cfg
2014-02-05 19:13 - 2014-02-05 19:13 - 00009738 _____ () C:\Users\deLepsch\Downloads\config.cfg
2014-02-03 16:52 - 2014-02-13 19:11 - 00002820 _____ () C:\Windows\setupact.log
2014-02-03 16:52 - 2014-02-03 16:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-31 15:45 - 2014-02-09 02:38 - 00000000 ____D () C:\Windows\Minidump
2014-01-30 13:13 - 2014-01-30 13:13 - 00000000 ____D () C:\Program Files (x86)\MSI Kombustor 2.5
2014-01-30 13:07 - 2014-01-30 13:07 - 00001090 _____ () C:\Users\deLepsch\Desktop\MSI Afterburner.lnk
2014-01-30 13:07 - 2014-01-30 13:07 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-01-30 13:04 - 2014-02-07 12:23 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-01-30 13:02 - 2014-01-30 13:02 - 21214137 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup225.zip
2014-01-30 12:45 - 2014-01-30 12:45 - 22990573 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup231(1).zip
2014-01-30 12:36 - 2014-01-30 12:47 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-01-30 12:30 - 2014-01-30 12:34 - 22990573 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup231.zip
2014-01-29 23:24 - 2014-01-29 23:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-29 20:26 - 2014-01-29 20:26 - 00000203 _____ () C:\Users\deLepsch\Desktop\Call of Duty Ghosts.url
2014-01-29 20:26 - 2014-01-29 20:26 - 00000203 _____ () C:\Users\deLepsch\Desktop\Call of Duty Ghosts - Multiplayer.url
2014-01-27 21:08 - 2014-01-27 21:08 - 08638510 _____ () C:\Users\deLepsch\Downloads\de_strike_rc4.zip
2014-01-27 19:32 - 2014-01-27 19:32 - 00285722 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win64(1).ts3_plugin
2014-01-27 19:32 - 2014-01-27 19:32 - 00236300 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win32.ts3_plugin
2014-01-26 01:04 - 2014-01-26 01:04 - 00285722 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win64.ts3_plugin
2014-01-18 01:59 - 2014-01-18 05:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 14:51 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-17 14:50 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BHTU.DLL
2014-01-16 13:40 - 2014-01-16 13:40 - 00000000 ____D () C:\Users\deLepsch\Desktop\eva
2014-01-16 13:39 - 2014-01-16 13:39 - 00000000 ____D () C:\Users\deLepschevasi0n
2014-01-16 13:39 - 2014-01-12 23:56 - 19083278 _____ () C:\Users\deLepschevasi0n\evasi0n7.exe
2014-01-16 13:39 - 2014-01-12 23:56 - 00003089 _____ () C:\Users\deLepschevasi0n\README.txt
2014-01-16 13:27 - 2014-01-16 15:49 - 00000000 ____D () C:\Users\deLepsch\Desktop\Musik mudda
2014-01-16 13:26 - 2014-01-16 13:26 - 00000000 ____D () C:\Users\deLepsch\Desktopclunsounds67
2014-01-15 17:24 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 17:24 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 17:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 17:24 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-02-13 22:11 - 2014-02-13 22:10 - 00016674 _____ () C:\Users\deLepsch\Downloads\FRST.txt
2014-02-13 22:10 - 2014-02-13 22:10 - 02152960 _____ (Farbar) C:\Users\deLepsch\Downloads\FRST64.exe
2014-02-13 22:10 - 2014-02-13 22:10 - 00000000 ____D () C:\FRST
2014-02-13 22:08 - 2014-02-13 22:08 - 00001153 _____ () C:\Users\deLepsch\Desktop\Continue Zip Extractor Installation.lnk
2014-02-13 21:47 - 2012-07-08 20:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 21:36 - 2014-02-13 21:35 - 00000000 ____D () C:\Users\deLepsch\Desktop\v
2014-02-13 21:34 - 2014-02-13 21:34 - 00000000 _____ () C:\Users\deLepsch\Desktop\Neues Textdokument.txt
2014-02-13 21:04 - 2012-11-11 01:03 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\TS3Client
2014-02-13 20:49 - 2012-07-08 19:59 - 01904935 _____ () C:\Windows\WindowsUpdate.log
2014-02-13 19:17 - 2009-07-14 05:45 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-13 19:17 - 2009-07-14 05:45 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-13 19:12 - 2014-02-09 02:48 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-02-13 19:12 - 2012-07-08 20:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-13 19:11 - 2014-02-13 19:11 - 00017366 _____ () C:\Windows\PFRO.log
2014-02-13 19:11 - 2014-02-03 16:52 - 00002820 _____ () C:\Windows\setupact.log
2014-02-13 19:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-13 19:06 - 2013-08-15 19:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-13 19:03 - 2012-07-08 21:56 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 18:56 - 2014-02-13 18:56 - 00013717 _____ () C:\Users\deLepsch\Downloads\hijackthis.log
2014-02-13 18:48 - 2012-07-08 20:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-13 18:47 - 2012-07-08 20:03 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-13 18:43 - 2014-02-13 18:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\deLepsch\Downloads\HiJackThis204.exe
2014-02-13 01:18 - 2014-02-13 01:18 - 00001080 _____ () C:\Windows\system32\settingsbkup.sfm
2014-02-13 01:18 - 2014-02-13 01:18 - 00001080 _____ () C:\Windows\system32\settings.sfm
2014-02-12 11:47 - 2014-02-12 11:47 - 00610961 _____ () C:\Users\deLepsch\Downloads\Outlook(1).zip
2014-02-12 11:47 - 2014-02-12 11:47 - 00400533 _____ () C:\Users\deLepsch\Downloads\Outlook(2).zip
2014-02-12 11:47 - 2014-02-12 11:47 - 00341580 _____ () C:\Users\deLepsch\Downloads\Outlook.zip
2014-02-11 19:27 - 2013-02-21 18:20 - 00000000 ___RD () C:\Users\deLepsch\Dropbox
2014-02-11 19:26 - 2013-02-21 18:16 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Dropbox
2014-02-10 21:34 - 2014-02-10 21:33 - 09818192 _____ () C:\Users\deLepsch\ts3_recording_14_02_10_21_33_36.wav
2014-02-10 21:33 - 2012-07-08 19:59 - 00000000 ____D () C:\Users\deLepsch
2014-02-09 04:11 - 2009-07-14 18:58 - 01776504 _____ () C:\Windows\system32\perfh007.dat
2014-02-09 04:11 - 2009-07-14 18:58 - 00483524 _____ () C:\Windows\system32\perfc007.dat
2014-02-09 04:11 - 2009-07-14 06:13 - 00006452 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-09 04:00 - 2014-02-09 03:59 - 09910864 _____ () C:\Users\deLepsch\ts3_recording_14_02_09_3_59_28.wav
2014-02-09 02:49 - 2012-07-09 23:55 - 00000000 ____D () C:\Users\deLepsch\AppData\Local\ESL Wire Game Client
2014-02-09 02:42 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-09 02:38 - 2014-02-09 02:38 - 00282664 _____ () C:\Windows\Minidump\020914-25100-01.dmp
2014-02-09 02:38 - 2014-02-07 16:46 - 536594368 _____ () C:\Windows\MEMORY.DMP
2014-02-09 02:38 - 2014-01-31 15:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 01:26 - 2012-07-08 20:55 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Winamp
2014-02-08 23:59 - 2014-02-08 23:59 - 00290584 _____ () C:\Windows\Minidump\020814-16723-01.dmp
2014-02-07 21:08 - 2014-02-07 21:08 - 08129352 _____ () C:\Users\deLepsch\Downloads\de_nuke.zip
2014-02-07 18:31 - 2014-02-07 18:31 - 00282288 _____ () C:\Windows\Minidump\020714-25287-01.dmp
2014-02-07 16:46 - 2014-02-07 16:46 - 00281800 _____ () C:\Windows\Minidump\020714-15069-01.dmp
2014-02-07 12:23 - 2014-01-30 13:04 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-02-06 16:52 - 2013-01-02 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 13:16 - 2014-02-13 18:43 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 18:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 18:43 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 18:43 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 18:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 18:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 18:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 18:43 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 18:43 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 18:43 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 18:43 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 18:43 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 18:43 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 18:43 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 18:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 18:43 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 18:43 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 18:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 18:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 18:43 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 18:43 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 18:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 18:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 18:43 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 18:43 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 18:43 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 18:43 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 18:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 18:43 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 18:43 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 18:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 18:43 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 18:43 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 18:43 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 18:43 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 18:43 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 18:43 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 18:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 20:30 - 2014-02-05 19:20 - 00010270 _____ () C:\Users\deLepsch\Desktop\config.cfg
2014-02-05 19:30 - 2014-02-05 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 19:13 - 2014-02-05 19:13 - 00009738 _____ () C:\Users\deLepsch\Downloads\config.cfg
2014-02-04 21:47 - 2012-07-08 20:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 21:47 - 2012-07-08 20:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:47 - 2012-07-08 20:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 13:59 - 2013-02-21 18:17 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-03 16:52 - 2014-02-03 16:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 15:12 - 2012-07-17 18:40 - 00000000 ____D () C:\Users\deLepsch\AppData\Local\Adobe
2014-01-30 13:13 - 2014-01-30 13:13 - 00000000 ____D () C:\Program Files (x86)\MSI Kombustor 2.5
2014-01-30 13:13 - 2012-10-09 22:09 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\NVIDIA
2014-01-30 13:07 - 2014-01-30 13:07 - 00001090 _____ () C:\Users\deLepsch\Desktop\MSI Afterburner.lnk
2014-01-30 13:07 - 2014-01-30 13:07 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-01-30 13:02 - 2014-01-30 13:02 - 21214137 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup225.zip
2014-01-30 12:47 - 2014-01-30 12:36 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-01-30 12:45 - 2014-01-30 12:45 - 22990573 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup231(1).zip
2014-01-30 12:34 - 2014-01-30 12:30 - 22990573 _____ () C:\Users\deLepsch\Downloads\MSIAfterburnerSetup231.zip
2014-01-29 23:25 - 2014-01-29 23:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-29 20:26 - 2014-01-29 20:26 - 00000203 _____ () C:\Users\deLepsch\Desktop\Call of Duty Ghosts.url
2014-01-29 20:26 - 2014-01-29 20:26 - 00000203 _____ () C:\Users\deLepsch\Desktop\Call of Duty Ghosts - Multiplayer.url
2014-01-29 20:26 - 2012-09-16 12:24 - 00000000 ____D () C:\Users\deLepsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-27 21:08 - 2014-01-27 21:08 - 08638510 _____ () C:\Users\deLepsch\Downloads\de_strike_rc4.zip
2014-01-27 20:02 - 2012-07-09 23:25 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-01-27 19:32 - 2014-01-27 19:32 - 00285722 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win64(1).ts3_plugin
2014-01-27 19:32 - 2014-01-27 19:32 - 00236300 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win32.ts3_plugin
2014-01-26 01:04 - 2014-01-26 01:04 - 00285722 _____ () C:\Users\deLepsch\Downloads\soundboard-0.9.9.6b-win64.ts3_plugin
2014-01-18 05:01 - 2014-01-18 01:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 15:49 - 2014-01-16 13:27 - 00000000 ____D () C:\Users\deLepsch\Desktop\Musik mudda
2014-01-16 13:40 - 2014-01-16 13:40 - 00000000 ____D () C:\Users\deLepsch\Desktop\eva
2014-01-16 13:39 - 2014-01-16 13:39 - 00000000 ____D () C:\Users\deLepschevasi0n
2014-01-16 13:26 - 2014-01-16 13:26 - 00000000 ____D () C:\Users\deLepsch\Desktopclunsounds67
2014-01-16 12:11 - 2012-07-08 20:48 - 00109296 _____ () C:\Users\deLepsch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-16 11:26 - 2009-07-14 05:45 - 00413624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 01:19 - 2012-07-18 15:07 - 00000000 ____D () C:\ProgramData\Microsoft Help

Files to move or delete:
====================
C:\Users\deLepschevasi0n\evasi0n7.exe


Some content of TEMP:
====================
C:\Users\deLepsch\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-11 13:31

==================== End Of Log ============================
         

Old 15.02.2014, 14:44   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Can someone take a look at my Hijack

Quote:
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Office Enterprise?
Is this a commercially used system?
Microsoft only offers Enterprise editions through extremely expensive volume licensing agreements...
__________________
Please always post log files in CODE tags
