Win 7, 64 Bit,Firefox/Outlook/Sonstige Programme hängen sich dauernd auf,Phys. Speichernutzung >35%

Seppelscrabl · 22.03.2014, 00:16

Hallo,
seit ein paar Tagen hängen sich alle Programme inkl Win7 immer wieder auf (Keine Rückmeldung).

Letze Aktion:
Installation KIS 2014

Selbst wenn ich KIS deaktiviere läuft der Rechner nicht flüssig.
Laut Taskmanager habe ich dauerhaft eine phys. Speichernutzung von mehr als 35% obwohl keine großen Programme laufen.

Logfile:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:09:11, on 22.03.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16540)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Users\*********\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: MCtlSvc.lnk = C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Zu Anti-Banner hinzufügen - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Link-Untersuchung - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14088 bytes

schrauber · 22.03.2014, 07:09

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Seppelscrabl · 22.03.2014, 10:58

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ****** (administrator) on *******-PC on 22-03-2014 10:38:20
Running from C:\Users\*******\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ZTE) C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-22] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2226447408-97316306-2974523222-1000\...\MountPoints2: {82f3623f-947a-11e3-8f9d-c80aa97ce6d1} - E:\windows\Data\setup.exe
HKU\S-1-5-21-2226447408-97316306-2974523222-1000\...\MountPoints2: {e5c168f4-f3db-11e0-8d37-806e6f6e6963} - D:\start.exe /auto
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE454
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE454
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default
FF SearchEngineOrder.1: Amazon 
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_f5a04fa3358b4ced9fc272759f8df7d9_39_1006_20140216_DE_ff_ab_adppi5&query=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 - C:\Users\*****\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ( )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Tradesignal Online Chart - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2014-02-12]
FF Extension: DownloadHelper - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-16]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352 2010-10-05] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [485376 2010-10-05] ()

==================== Drivers (Whitelisted) ====================

R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-23] (DT Soft Ltd)
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-17] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-17] (Kaspersky Lab ZAO)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-22 10:38 - 2014-03-22 10:38 - 00019042 _____ () C:\Users\********\Downloads\FRST.txt
2014-03-22 10:38 - 2014-03-22 10:38 - 00000000 ____D () C:\FRST
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\******\Downloads\FRST64.exe
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-21 23:37 - 2014-03-22 00:09 - 00014090 _____ () C:\Users\******\Downloads\hijackthis.log
2014-03-21 23:27 - 2014-03-21 23:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\*******\Downloads\HiJackThis204.exe
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 18:52 - 2014-02-23 08:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 18:52 - 2014-02-23 07:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 18:52 - 2014-02-23 07:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 07:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 07:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 07:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 07:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 18:52 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 18:52 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 18:52 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 18:52 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 18:52 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 18:52 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-17 18:52 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 18:52 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 16:50 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 16:50 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 16:50 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 16:50 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 16:50 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-09 16:32 - 2014-03-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\******\Downloads\amw1421.bin
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-06 21:25 - 2014-03-10 07:39 - 00007593 _____ () C:\Users\******\AppData\Local\Resmon.ResmonCfg
2014-03-05 19:52 - 2014-03-05 20:35 - 00000889 _____ () C:\Users\******\Desktop\Auswertung_Lipos.csv
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:02 - 2014-03-04 19:03 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\*******\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\*******\AppData\Roaming\InstallShield
2014-02-28 07:23 - 2014-02-28 07:47 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-27 06:54 - 2014-02-27 22:00 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275
2014-02-23 22:13 - 2014-02-26 18:02 - 00011626 _____ () C:\Users\*******\Desktop\Bestellung Maytech.xlsx
2014-02-21 21:02 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140221-210223.backup
2014-02-21 17:30 - 2014-03-08 11:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-21 17:30 - 2014-03-08 11:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-21 17:30 - 2014-02-21 17:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

==================== One Month Modified Files and Folders =======

2014-03-22 10:38 - 2014-03-22 10:38 - 00019042 _____ () C:\Users\*******\Downloads\FRST.txt
2014-03-22 10:38 - 2014-03-22 10:38 - 00000000 ____D () C:\FRST
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\*******\Downloads\FRST64.exe
2014-03-22 10:37 - 2014-02-16 08:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-22 10:36 - 2011-11-13 15:00 - 00000000 ____D () C:\Users\*******\Documents\Outlook-Dateien
2014-03-22 10:34 - 2011-10-11 08:40 - 01371130 _____ () C:\Windows\WindowsUpdate.log
2014-03-22 09:56 - 2012-08-20 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-22 09:17 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-22 09:17 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-22 09:09 - 2013-12-03 08:29 - 00000000 ____D () C:\Windows\Minidump
2014-03-22 09:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-22 09:09 - 2009-07-14 05:51 - 00072103 _____ () C:\Windows\setupact.log
2014-03-22 09:08 - 2013-12-03 08:29 - 478605451 _____ () C:\Windows\MEMORY.DMP
2014-03-22 00:09 - 2014-03-21 23:37 - 00014090 _____ () C:\Users\********\Downloads\hijackthis.log
2014-03-21 23:33 - 2011-10-11 08:55 - 00000000 ____D () C:\Users\*******\AppData\Local\VirtualStore
2014-03-21 23:31 - 2014-03-21 23:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\********\Downloads\HiJackThis204.exe
2014-03-21 18:51 - 2013-06-24 20:08 - 00000000 ____D () C:\Users\*******\AppData\Local\CrashDumps
2014-03-21 16:50 - 2013-05-30 13:36 - 00000000 ____D () C:\Users\*******\AppData\Roaming\jtl-software
2014-03-21 00:20 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 23:43 - 2011-12-03 08:50 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 17:38 - 2014-03-09 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-20 16:12 - 2014-02-16 08:26 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-20 16:12 - 2014-02-16 08:26 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 19:14 - 2009-07-14 05:45 - 00428632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 18:54 - 2010-04-26 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-12 07:37 - 2011-11-20 13:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-03-11 21:05 - 2012-08-20 21:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2012-08-20 21:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:05 - 2011-11-12 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 18:02 - 2011-10-11 08:37 - 00924770 _____ () C:\Windows\PFRO.log
2014-03-10 07:39 - 2014-03-06 21:25 - 00007593 _____ () C:\Users\********\AppData\Local\Resmon.ResmonCfg
2014-03-10 07:36 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-09 17:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 15:54 - 2011-11-12 09:20 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\*******\Downloads\amw1421.bin
2014-03-08 18:38 - 2013-02-08 19:02 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 18:38 - 2013-02-08 19:02 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:24 - 2011-10-11 08:55 - 00000000 ___RD () C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-08 18:23 - 2013-02-08 19:02 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-08 18:23 - 2013-02-08 19:02 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-08 18:20 - 2013-09-23 18:14 - 00000000 ____D () C:\Users\********\AppData\Roaming\Dropbox
2014-03-08 18:19 - 2013-09-23 18:16 - 00000000 ___RD () C:\Users\*********\Dropbox
2014-03-08 18:19 - 2012-06-11 20:21 - 00000000 ____D () C:\Users\*********\AppData\Roaming\BOM
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-08 11:17 - 2014-02-21 17:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-08 11:15 - 2014-02-21 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-08 11:15 - 2012-08-27 13:38 - 00000731 _____ () C:\Windows\wininit.ini
2014-03-07 18:06 - 2012-01-22 18:15 - 00000659 _____ () C:\Windows\wiso.ini
2014-03-05 20:35 - 2014-03-05 19:52 - 00000889 _____ () C:\Users\*********\Desktop\Auswertung_Lipos.csv
2014-03-05 03:55 - 2012-02-08 10:37 - 00000000 ____D () C:\Users\*********\AppData\Roaming\Skype
2014-03-04 20:41 - 2012-01-23 19:24 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:03 - 2014-03-04 19:02 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:03 - 2010-04-26 09:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\*********\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\*********\AppData\Roaming\InstallShield
2014-03-01 11:23 - 2012-03-16 22:00 - 00000000 ____D () C:\Users\*********\AppData\Roaming\FileZilla
2014-03-01 10:19 - 2013-11-06 22:43 - 00041984 _____ () C:\Users\*********\Desktop\Umsatzstatistik_CMD_Modelltechnik.xls
2014-03-01 09:52 - 2011-10-11 18:30 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 09:52 - 2011-10-11 18:30 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 09:52 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 20:11 - 2013-10-03 18:36 - 00000000 ____D () C:\Users\*********\Documents\Bewerbungsunterlagen
2014-02-28 07:47 - 2014-02-28 07:23 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-28 07:27 - 2013-06-04 17:53 - 01603788 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 22:00 - 2014-02-27 06:54 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275
2014-02-26 18:02 - 2014-02-23 22:13 - 00011626 _____ () C:\Users\*********\Desktop\Bestellung Maytech.xlsx
2014-02-25 19:42 - 2011-11-20 09:33 - 00000000 ____D () C:\Users\*********\Documents\CMD-Modelltechnik
2014-02-23 16:47 - 2012-02-08 10:36 - 00000000 ____D () C:\ProgramData\Skype
2014-02-23 16:46 - 2014-02-16 07:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-23 08:12 - 2014-03-17 18:52 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 07:54 - 2014-03-17 18:52 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 07:52 - 2014-03-17 18:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 07:48 - 2014-03-17 18:52 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 07:48 - 2014-03-17 18:52 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 07:46 - 2014-03-17 18:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 07:46 - 2014-03-17 18:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 07:46 - 2014-03-17 18:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 07:45 - 2014-03-17 18:52 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 07:45 - 2014-03-17 18:52 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 07:45 - 2014-03-17 18:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 07:44 - 2014-03-17 18:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:44 - 2014-03-17 18:52 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 07:44 - 2014-03-17 18:52 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 07:44 - 2014-03-17 18:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 07:43 - 2014-03-17 18:52 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 06:50 - 2014-03-17 18:52 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 06:47 - 2014-03-17 18:52 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 06:43 - 2014-03-17 18:52 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 06:41 - 2014-03-17 18:52 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 06:40 - 2014-03-17 18:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 06:39 - 2014-03-17 18:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-23 06:38 - 2014-03-17 18:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-23 06:38 - 2014-03-17 18:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-23 06:38 - 2014-03-17 18:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 06:37 - 2014-03-17 18:52 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 06:37 - 2014-03-17 18:52 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 06:37 - 2014-03-17 18:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 06:37 - 2014-03-17 18:52 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-23 06:36 - 2014-03-17 18:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 06:36 - 2014-03-17 18:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-23 06:35 - 2014-03-17 18:52 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-22 18:16 - 2014-01-29 18:13 - 00000000 ____D () C:\LSPOS
2014-02-22 18:15 - 2014-01-29 18:28 - 00000000 ____D () C:\Users\*********\AppData\Roaming\EurekaLog
2014-02-21 21:02 - 2009-07-14 03:34 - 00450639 ____R () C:\Windows\system32\Drivers\etc\hosts.20140308-111434.backup
2014-02-21 17:30 - 2014-02-21 17:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 16:24

==================== End Of Log ============================

--- --- ---

Seppelscrabl · 22.03.2014, 10:59

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ********* at 2014-03-22 10:39:20
Running from C:\Users\*********\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.2.0 - Liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.01.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0120.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AeroFly Professional Deluxe (HKCU\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.11.0723 - IPACS)
aerofly5 (HKLM-x32\...\aerofly5_is1) (Version: 5.7.1.3 - IPACS)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AliIM Plugins for Browser (HKCU\...\AliIM Plugins for Browser) (Version: 1.0 - Alibaba(China) Co., Ltd)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70704.0230 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CAD Draw 9 Release 2011 (HKLM-x32\...\CAD Draw 9 Eco) (Version: 2011, 2011.0.2.22, 2011-02-22 - Malz++Kassner GmbH)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0412.1409.23514 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
congstar Internet-Manager (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
English Grammar in Use Extra application (HKLM-x32\...\EnglishGrammarinUseExtra) (Version: 1.0.0 - Cambridge University Press Holdings Limited)
English Grammar in Use Extra application (x32 Version: 1.0.0 - Cambridge University Press Holdings Limited) Hidden
English Grammar in Use Extra content (HKLM-x32\...\English Grammar in Use Extra content) (Version: 1.0.0.0 - Cambridge University Press)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeCAD 0.12 (HKLM-x32\...\{81ABC4A0-DE63-11DE-8A39-0800200C9A66}) (Version: 0.12.5284 - Juergen Riegel (FreeCAD@juergen-riegel.net))
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Greenshot (HKLM-x32\...\Greenshot_is1) (Version:  - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JTL-Wawi (HKLM-x32\...\JTL-Wawi_is1) (Version: 0.99919 - )
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.16.38941 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
Konz 2012 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
LS-POS 1.6.0.2 (HKLM-x32\...\{FF549CAF-7416-4726-BC4B-4C530543084C}_is1) (Version: LS-POS 1.6.0.2 Multimode - Luwosoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3007 - Acer Incorporated)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:24 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SM UniSens-E Tool (HKLM-x32\...\{B6FC9E67-33F2-40C9-84E8-A897E81CF5A3}) (Version: 1.0.3.1 - SM-Modellbau)
Steuer 2011 (HKLM-x32\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH)
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
SuperMailer 5.70 (HKLM-x32\...\SuperMailer_is1) (Version: 5.70 - Mirko Boeer Softwareentwicklungen)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WD SmartWare (HKLM\...\{FA72BBFB-C42C-44C1-8555-75B629252DD6}) (Version: 1.4.2.5 - Western Digital)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-08 11:14 - 00000938 ____R C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {001EA5D7-71DB-4C54-805B-635DCA87E965} - System32\Tasks\{4CC2B74D-EC7A-4C97-80EE-0DB243CAC306} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0032CCAB-879D-413C-B581-804C8536BDD2} - System32\Tasks\{4191F88E-1815-493C-9671-6F71800AD95B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0401778A-3307-46FA-ADF4-7813643620AD} - System32\Tasks\{273730D7-A815-4E87-BB56-FA5E4B2CC2AE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {05FC795C-CE13-49DB-9762-10F72AFF163A} - System32\Tasks\{9E9D2FF8-FC6B-441A-961D-4CD35F09A251} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {06298778-A87A-4594-8A2D-C8E7AA38C6DB} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {06843447-826D-41B7-A766-8CDC9F65A864} - System32\Tasks\{ACA5F379-4F56-41E8-9825-EDE6695FEBE1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0853C824-1860-46EF-8DC6-0EF846DDD1FB} - System32\Tasks\{083C989E-C23D-412D-8F1B-473742E86012} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0B55F4F4-52E0-4670-9D2D-CD2204E5C830} - System32\Tasks\{F3FFAD74-F1B5-4C94-91FF-49A6FC42242D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0CC940EE-FF62-4088-A59A-F485FD6F2CD8} - System32\Tasks\{1FB73C96-3C49-494C-9F3D-B4AA30D47AB0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0EACAE4E-5742-4EF1-A920-D8A409C1460E} - System32\Tasks\{9143D1FD-FD73-4390-AE5D-2A67F15C7541} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0ED73F2D-4B5F-4B65-9C2C-54DCEA81F51E} - System32\Tasks\{0E797ABE-67B7-4DB7-9D84-162596F5B01E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0F8C975B-A120-4B17-8BA1-9D684A2310A4} - System32\Tasks\{759939E2-E279-44C1-A870-8C31A923E6DA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {10842CD7-66B8-4A28-9C1C-D22AEF10F685} - System32\Tasks\{5F802D21-8159-41D4-9958-6286B32082CB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {12C54A08-EC3C-4006-9463-DD8D52302E7F} - System32\Tasks\{9165AF9B-31D6-41EF-9A5B-B0CB61BEE8A1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {167F9FFB-0A0D-4A05-B382-C4EE7EC12C29} - System32\Tasks\{AEB1DC41-7E70-4DD8-8A54-A40D349CE811} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {186928BB-0D72-46B8-9662-EEA8A7E59455} - System32\Tasks\{9652BDBE-826C-4035-B905-7A585B80AECC} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1CBDCEFA-8EB3-407A-970C-1B33495F062B} - System32\Tasks\{98023DDF-2908-4022-A94F-D4D788A1CFB4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1DC9D8F8-C2BD-44E6-AEB1-28CE8A286447} - System32\Tasks\{EC5E8B6E-2F15-4051-92DD-1565C0E60A3A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {214DEBB9-D6FA-43FC-BFA0-5D60928527D2} - System32\Tasks\{C686C290-8F76-42A8-AE7C-A7BF8213A804} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2336A03E-5189-48DF-93F7-E2EDC573B00A} - System32\Tasks\{A38B9953-9630-412D-B515-D845635FC62E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {239911D7-BE12-42B9-A75D-3A7419E387FA} - System32\Tasks\{EB13D431-3714-43DB-8AFD-191CC268730C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {28820730-EBB6-4B1B-BA5A-51F790FF301E} - System32\Tasks\{3C667338-39E4-4B3C-A149-9CE1B723C1F7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {28C3CF66-19ED-4CB7-BB3E-799E920EB86A} - System32\Tasks\{2262762B-ADAF-48BA-8788-8C9476379230} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2A8480CF-8DE6-496F-AF06-5D3C5790A4EF} - System32\Tasks\{E4076E91-7372-47CB-B3A8-E170CA5F4E56} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/go/help.faq.installer?LastError=1603
Task: {2B0B24FB-2F06-4CC3-BCB6-F4CFA695E232} - System32\Tasks\{B768780E-C601-4EB8-A136-4893022C591F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2C25DB87-0D8C-462B-B975-AEED42C98338} - System32\Tasks\{FD5C6F92-5EF6-445F-847A-7AECC5DF82BE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2C81AC59-E145-470A-9CAD-4F71824B48E8} - System32\Tasks\{428C8D9E-9A60-4DF9-A618-7E4FA10AD537} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2D167662-35B7-4A0F-859A-96E5DAC30219} - System32\Tasks\{F98D6B22-7EF6-4FCE-A7BF-1129FA4BC014} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2F569814-D0EC-4127-B3A0-B3219B777888} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {307236DC-351E-47BA-8B0C-176B020BCBD8} - System32\Tasks\{9A3E9FA9-DA85-4A70-8F98-6154430D4D4B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {33A9C3DD-0A56-43AF-9B5E-469B02656196} - System32\Tasks\{983DCA55-6CE1-4321-B7BF-20A92DCE3FC3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {35AE2FE6-BA1A-4BCA-8DED-5AAA05A62F4E} - System32\Tasks\{48188CD2-46DA-4238-9C13-B7A91E3281EC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {360CFCBD-7F15-45E8-80FE-EC58B9BD11DE} - System32\Tasks\{4B6F47BF-1A38-45BA-9CCF-483F551EAF75} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {36572AD6-6FE5-4D05-B8AC-07A72C56081E} - System32\Tasks\{FB760435-68B6-4F56-B913-A490686D8F91} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {368E7109-0F39-469D-B58A-E5182626FE31} - System32\Tasks\{8C08A02C-7660-4ECC-B2A8-24EFEA849047} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {36D3A90E-D7DC-429E-8329-D90A5DB68BE0} - System32\Tasks\{90459A55-4C83-4D3C-AFF5-B0F95A531952} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {37D7CB20-4B12-4F02-A143-E27D83F2D9F8} - System32\Tasks\{791C673E-E598-4A35-993F-15D21A7D067F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {38A81DEC-9C67-4A28-B1D7-773DA3CDA786} - System32\Tasks\{3FB071EE-7FFF-41C7-A34D-65E2F0D7488D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {38AD2650-CC1A-46F3-9D8C-FA46B6727183} - System32\Tasks\{CAD761C6-841C-4A0C-BBFB-864579522B74} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {399C8328-F5CC-4D10-91F7-146CA3A1A31E} - System32\Tasks\{667ABA81-CE49-4795-B6D1-09804E66CE00} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3B12451D-DCE6-426C-9CF4-A167ECA54E2C} - System32\Tasks\{41DE9697-0DC5-4E10-837E-907AD49A177A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3BF94FD9-A9E0-42A3-88A8-D33D37A88B02} - System32\Tasks\{67C73A34-1F84-486D-9BE9-F4FD7B458807} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3C4413C1-ABD6-4114-8749-696D6AD474CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {3D8DA5F0-D803-408B-BAA2-0E53DF29E878} - System32\Tasks\{7C043D7E-B479-4D20-954C-B818BFDC54BA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3DABB709-3C69-4183-9042-5075A7DB76E2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {3DBF5908-B257-4FD3-A802-49221372B687} - System32\Tasks\{485E5750-8B6B-40C7-A993-CF194184B514} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3ED87D5E-6204-4A13-83A3-6740FC255DB9} - System32\Tasks\{571C3CDE-6D7C-4E70-96DC-07BA22FFB497} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3F13BB32-B059-40C1-ACE2-82E333E799AA} - System32\Tasks\{4EF49D8C-8951-472E-A8C5-B2779D34C547} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {419D6DCC-49D4-44D2-879E-3F2858B96C18} - System32\Tasks\{DEEDD7E7-BCA2-4364-B5E1-0E93213ABCA0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {445822AD-1F37-479E-AEEA-8FC64E3710E9} - System32\Tasks\{A19D51C1-B221-4934-9CE1-39ED58F28D6E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {44A6F5FE-0A78-4950-87CA-9DFE612B4F3C} - System32\Tasks\{E2E5B26F-32A7-412B-9FA4-1CBDB267F684} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4629AF21-9F7A-4F4E-81B0-E43AEB533525} - System32\Tasks\{BB846538-46CA-4E4B-BAEF-ADCD79A9E546} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {48B5F2E2-D636-41F6-A119-7F0D7C82E663} - System32\Tasks\{69DF8E35-AD62-4FE8-9420-864CF66792FA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4A25B3B4-A479-4899-84B5-2BDD2BA33442} - System32\Tasks\{2A3AADA4-4D54-464A-A692-931E9BB6C97E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4AA24A41-7862-4355-83BC-4D4CB334EA1F} - System32\Tasks\{19DCAB5D-2D81-45C1-AA37-FAD28F2B4DE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4AC969A6-D728-46F3-BD4D-D28052172C6F} - System32\Tasks\{497D2CC9-8999-4BD4-B6F8-BC1F9ADA694E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4D7FEE7C-EDD3-4728-B017-FF410F3758BA} - System32\Tasks\{8ECF5999-780C-40DA-89F7-B63CEF0102D6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4E0EEF54-D7F5-4D47-A0EC-4509AC5883C4} - System32\Tasks\{5738946F-BF1A-4455-9797-DD174DBA27AE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4F031434-327B-429C-926F-BDE9FD84B397} - System32\Tasks\{156D94BA-0323-4C08-8A13-FED4426E5963} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4F1C97FE-193E-4F14-A8F6-8B0D2A17FF58} - System32\Tasks\{3146E09C-C75F-4302-A628-DCB150DBA202} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5104081E-7403-4DBD-BE7B-8AE4C31E9018} - System32\Tasks\{9DC661EA-0D4D-4AA2-88F9-ECEE61D6FF76} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {513EBCA2-732D-4FFA-B05F-A2A89A421E84} - System32\Tasks\{093E77BF-81F7-4398-85C6-B9F494EA1814} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {526D5176-166D-4260-BB1F-9FE42716561C} - System32\Tasks\{9AC6CC13-BDEB-45BF-8C1B-E0C68257A786} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {532129F9-573E-468B-AB43-6BE34F1DA029} - System32\Tasks\{A35BFA2A-563A-4C0D-A5E8-6D2E4FD95711} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {53D68C2E-B8D9-4E76-8EE2-36240A718478} - System32\Tasks\{36720F81-105E-4A5D-B040-E1E85AD3E867} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {547D3695-3687-40EC-B8A0-D2716CE85894} - System32\Tasks\{042FFDAE-BA5F-4812-8EF8-7C7436CE3CD4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {55A4B9AB-E173-43B1-A643-D46BB0975C92} - System32\Tasks\{E4617DAE-0D7F-4F7C-888E-894D52538D92} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {55E706E3-7420-4154-AAA2-ACDB4BC9462C} - System32\Tasks\{9D23FE0C-9F37-45F3-B184-4109384B82E8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {56C62A00-4ACE-4FF7-A5E6-3C044AE67764} - System32\Tasks\{F579F812-444C-421A-B0B1-440C58BF3397} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {59E4591E-3C3F-458F-AFA0-051B260954AE} - System32\Tasks\{B6827002-E5D1-4E8C-87BF-F10F38B41FFF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5C030FDC-2804-46B2-9B11-9F6FA8DC24DD} - System32\Tasks\{8CBBC4B6-3758-4D91-ACFD-EDB61BB40BFC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5C4B11A9-1308-414B-9EFE-BEB5DB9A51AE} - System32\Tasks\{38CABAE8-5EE0-49AE-A303-9A3B03A1DEDB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5D38739A-F175-4DD7-A3BE-0F7C398FBB98} - System32\Tasks\{C52B92D6-C392-450E-8B24-A75647AF29D7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5E6F4A07-2C32-4BC5-B1AF-857593B3323E} - System32\Tasks\{DC66FC44-4960-4B99-B60C-B961E1187FD7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5FF30E5F-BB0C-415C-A7F8-2F51E729E3F7} - System32\Tasks\{751BB258-A550-449F-A266-EFF75428DB04} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {601DAAF2-0D1C-4A4F-B3DE-79D40ED53E0D} - System32\Tasks\{B6A7402D-0D39-4D6E-AE22-3B068669400E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1618
Task: {60A181D0-64C3-4712-AF59-B68A7D04E0DF} - System32\Tasks\{87D9F2CC-2FB0-49EE-915D-7364577CD88A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {612EE955-C2C3-4F71-91B7-BE150D31BE53} - System32\Tasks\{0FA473BE-339A-4477-B526-47E984F759CF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6771E0BE-8723-4FA1-9CCD-7294460671AF} - System32\Tasks\{0803A1A5-0FD3-46D9-9740-121AFCEC1BA1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6BD1AC5E-D2CD-4EB0-B7AD-1DF2900976B6} - System32\Tasks\{7247FC87-EA0B-45D1-8B37-8AA09F33D33B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6BFE8801-F3BE-41CD-9179-45F0A5834B19} - System32\Tasks\{6DAD27A9-A6C2-4134-84FF-C7124F4B42F1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6C29CF4C-477F-4ABE-AC01-9C978DF83032} - System32\Tasks\{1A844300-74D8-4E17-A31C-89AEFE574E40} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6C3CEFE2-1809-4A8F-822A-1A55E3BD1DE5} - System32\Tasks\{E330C45D-EB17-4D72-AAB2-63D409E6C067} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6D21CF8C-D684-42B2-ADE0-3053BAA36FC1} - System32\Tasks\{A915DDA4-BB47-49E4-916C-6ABF5FAA81CF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6EBE9B6F-0270-4092-B1AE-54DC01F99CAD} - System32\Tasks\{FD5F1F28-9E4B-4854-A8E3-621EFE4EEFAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6ED309D5-4C5D-4CE3-84C5-8460DFCEE386} - System32\Tasks\{36AF3701-2E69-433F-9D24-A3C3755400A4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7030E667-4EC3-4374-8495-1A22EF8FF4E4} - System32\Tasks\{D98A6623-4946-4111-BB90-609A213BD9A8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {70A9F503-6260-4839-9EEA-88AE29855346} - System32\Tasks\{1EA98232-0C52-4476-B054-37D48C1A75C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {70D045D1-7B2D-4EB7-ACF4-143B33D55013} - System32\Tasks\{CE50EF64-0A5A-4773-BEEF-7F7F96628CBA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {716F4A57-B955-4585-9A13-A4977FDFA158} - System32\Tasks\{C4D42917-8206-4EEA-947F-BED543549099} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {727EE71E-F70D-4328-A8BF-E81346FE8C14} - System32\Tasks\{03765D9D-B8F5-4757-8728-C64D59FF38A0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73556671-CD3E-46EA-AC0E-97A9B294E44C} - System32\Tasks\{26855CD5-C8D7-4240-AD9C-C2FA714D30B5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73E42600-3247-41B3-97BD-28765DF7C779} - System32\Tasks\{80653FF3-FD5B-4A6C-8878-C26F86798625} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {752C1FC3-E273-4812-8ADC-67EC902C3E2D} - System32\Tasks\{3FC4D2D3-F237-4B2A-9D23-18F3F4374FE7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {75354514-E59B-4B06-9675-2F84039C3287} - System32\Tasks\{F06BE972-80F3-4A01-8A1B-AB234D064635} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {769B5DBA-7938-43F9-9433-40901F556D2C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {7803AD0F-FBA3-4190-8056-CA32F6E55187} - System32\Tasks\{0E5CB279-6733-4C24-8001-1F3C0DE77E4A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {798BD580-A16D-45FC-9CCD-FA6889B4E462} - System32\Tasks\{83CB4BAC-470D-4681-A513-623CD0CB855E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7999D52F-8B20-417F-B874-C49CEFBB56C1} - System32\Tasks\{887E8610-C623-4D79-8C61-338BBB23F211} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {79D7DEF7-1609-4FBB-BA86-0CDF412E061B} - System32\Tasks\{E9D1C312-AFA8-4F66-808B-08985D580604} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7B3F12AB-4EED-4C33-906A-A84EAC7CEF6D} - System32\Tasks\{1AEF50DF-D6DF-4C65-9459-C5F9563DFA9A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7C451574-AE82-402E-8A93-C76D4D25BB57} - System32\Tasks\{95DC139F-D60F-4366-9501-A8B0A913CAF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7DA856BC-7746-42BF-84D4-6A52DF4217CC} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {7EA6DB36-F1B5-4E55-AA45-C6BB9F0A8215} - System32\Tasks\{24ED2935-4721-461F-B2BD-3C761679DE97} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8252B929-DAA7-4F91-B7D8-B152D6E12FA4} - System32\Tasks\{F7099193-7A9B-4FA3-A42D-9C3E90B9EF46} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8420C2FA-402C-4355-B1EA-83E3FEB8FCC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {8532C03D-20D3-477E-985D-9C2492B26E71} - System32\Tasks\{0AEB6B66-5B83-4459-97B6-93905D236E45} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {86719F0C-142D-4514-9424-8C6E8BF19EEA} - System32\Tasks\{BA361FAD-4DE8-4948-99A6-10945072B829} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {86A298AF-4510-4CF8-8628-4786D405CE1E} - System32\Tasks\{6E00A199-EB2C-4278-A78F-CEE3B8371963} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {87A9EDEA-5497-4F01-B266-6C0840A69AA4} - System32\Tasks\{0A7BFBAD-0333-43F4-9134-10DD54D71120} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8D191FC4-2C8F-4885-BC5E-C99A5F0FB633} - System32\Tasks\{7BB59186-7A7B-4E81-9687-72EFA4C17997} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8FFA14B6-7253-4061-B90D-8E83BB8CC26A} - System32\Tasks\{4EA34CF1-B41F-409B-A740-9F5AD5730BD6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {909B08BA-E0BB-4065-9706-67B3E25522A9} - System32\Tasks\{E2B107D6-0988-4DDD-94FE-6360BA648166} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {90DEC9F0-8D9D-4BB0-85B2-9F46E50EEEB8} - System32\Tasks\{235CF29A-C833-4D2B-8869-7559AD92372B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {923AC040-AC2A-4F11-A5F9-5ECB7923377D} - System32\Tasks\{D8EB2113-C865-4F7D-9698-3FD0D8E6DB9A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92992D81-17B6-4666-91A0-D2C3A7541700} - System32\Tasks\{BC2BC1CD-0C8B-4671-84BB-696DEB9B2DE3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {969FBF33-B33F-4B6A-B904-1FA66AA2DF57} - System32\Tasks\{6456B2EB-7724-4315-BAEC-4CFBAEE250F7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9805D002-A38F-4B33-9134-EA7A6A2DF34B} - System32\Tasks\{19B5F578-B7F5-4529-A1C6-0FECA650C884} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {98E25D97-EBE7-42EC-8906-E2C0352833EA} - System32\Tasks\{5B1E895F-5535-417B-8A27-6FB7D8CD7847} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9A1CDD58-5558-480F-BAFC-17588FCB2C57} - System32\Tasks\{987770EF-9F0F-404D-9FDE-6E691FBB3BC8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9B44CA68-C33C-4959-B337-B8A2CB894A2E} - System32\Tasks\{24AA158B-4B02-4728-A814-D74FA3515164} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9ECA26F6-1105-4FFC-BD48-938F5CF019E3} - System32\Tasks\{B5C0E026-8EF9-4D54-B762-72400CC197CE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9F2AF12F-5A3B-4200-B806-4F4A6CA9E799} - System32\Tasks\{E8F8BCFD-C37E-4FB0-A614-2C763497271A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9F5BE43E-8EAA-4668-85C9-66AA61F27B11} - System32\Tasks\{CD51435A-1B74-46BA-BEAA-884838E16E68} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A0263965-FFA2-4139-8A0C-3C23FDCA73E8} - System32\Tasks\{145D87AE-740F-4051-AFB0-95C46D4E7116} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A0A6F712-C565-4945-9020-0E06394437BF} - System32\Tasks\{E63C78BB-0E1D-4B46-BB11-26C94B0051EB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A2349D0D-54E3-4E63-9C93-B2750B1C0FC1} - System32\Tasks\{D43D22EC-4C3F-47BF-BEB4-64C0DE0424D4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A2DA03AA-7FA7-428C-8AE0-D03304EC361B} - System32\Tasks\{E036FD89-C3BA-4FE8-9A5E-FCC019053218} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A34C3763-66B9-4011-87CE-BC78026EDEEB} - System32\Tasks\{1C09EE8C-4A91-4FD0-B2F8-7707FED24277} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A392C987-BAFD-404D-8400-9F00E63BF289} - System32\Tasks\{8BA0F4B0-059E-4587-BB9F-9772F828E15E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A3BEEB51-E91E-4B24-97FE-AF3570861C64} - System32\Tasks\{31AD971D-DB09-4ABB-9BBC-7914A51022D3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A4A2AE84-2C82-45DE-BD93-A64DCF372A65} - System32\Tasks\{BB302277-124F-4049-89D6-5AAB5C6BE3A3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A52D1DAB-B9B9-48E9-864C-25990EE6493F} - System32\Tasks\{5B0037A6-ED7A-4630-A02C-44A5DFA15497} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A5B02A54-16AB-481B-9C13-C437E1D09DDC} - System32\Tasks\{E89624FD-FE16-4E5E-819C-DCFCDB5921C1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A5DC5E9B-9578-434B-95D2-4526A3526960} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {A728D00E-7B1E-4B54-A6DD-FBE75C738C72} - System32\Tasks\{3CF9F3ED-5F51-4809-80E5-D586F3C4D20A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AB1F583B-58C5-45DD-B2E1-B88BF01CA361} - System32\Tasks\{40F5B6B8-CA97-48C0-AE89-89336F15C5BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AB4BD006-96BE-482E-AD34-C6272D173010} - System32\Tasks\{1AE8FC8F-321B-469C-868C-4A4669312177} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {AC3FD624-6A86-4802-B844-9E2C570D7067} - System32\Tasks\{B0AE7502-4D81-4B7F-AD42-F51F0E68D4D5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AC986CCC-E19F-4998-BBB4-74EBADD5980C} - System32\Tasks\{91228576-D9A0-41A6-997F-39D98264F84F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AEA59F0F-853C-4B50-89D2-C31F4BB6E2C5} - System32\Tasks\{40652961-87FB-449E-9347-131F5D870E20} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AEEA44BA-96D4-4A93-BDAF-A495E602C67D} - System32\Tasks\{C9D13916-C8C6-4DE2-AB34-5A0E7CF06DEA} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {AF5F691D-0CB4-4F4D-8DBD-EBE8AFBCC714} - System32\Tasks\{51B79273-849B-4EE5-909F-5213E4FF55CE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B06BE6D3-C1DF-4F32-BBEE-8D9434E1A344} - System32\Tasks\{D01F5FC2-E775-4FC1-A1F1-DF0A08CF285B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B254989B-15DC-4CE6-B96A-084011A29126} - System32\Tasks\{CF04A9E9-CC19-4B72-95BB-61FC781F247E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4829EB8-0310-4FEE-A614-A4D1B62E38BD} - System32\Tasks\{0F9E497A-5AC8-4ED2-B5A7-91251808D6C6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B6BCA246-E04D-4539-AACF-B73C34C93551} - System32\Tasks\{088EDA17-D8FA-4020-890C-B76BDE6FFC03} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B70EA648-74DB-44CF-B093-EB28B3046A29} - System32\Tasks\{4AAE605A-24EA-4F88-9B41-CF139C4DD242} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B844461B-A5E5-4399-A8EE-78FC5CAE0A71} - System32\Tasks\{03647118-8427-47D3-A47A-2DDA92656000} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B915756E-7884-41C5-B31C-07E25B4B4C5E} - System32\Tasks\{5056DFC3-68C3-49C0-AB2B-AE236561E28C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BA25E2B2-71E1-4335-A7CB-298F2F566FFD} - System32\Tasks\{3A49ADA0-FC34-4F87-8D1A-2739AB95C212} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {BAC9745D-E16C-4F38-AF6B-60F847A30440} - System32\Tasks\{B9F80393-E58F-40BE-B0D8-72D5B316E728} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BC5EDEF7-D54E-46E5-8D6B-9239745BB731} - System32\Tasks\{55B865CF-EFB7-479D-B73D-AA62A37DC9BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BCCFC6E4-B7B5-4227-AC6E-5044CAE9A2D0} - System32\Tasks\{24C39512-0515-4286-B103-89266B5AB2DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE54E291-56EC-4230-AA4E-37A8B30D5FBC} - System32\Tasks\{82F0F82D-F1C9-4F99-AB23-E9191C771AC3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF438213-0B83-477D-9651-FC665D1E3418} - System32\Tasks\{99342867-AF15-42CB-BFE8-16D4D2CC0649} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C02DD36A-B0D1-4277-8D2F-4B0A464FA6E1} - System32\Tasks\{E688585C-B7DB-4462-816E-7FF475AF9A3F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C0B794D2-8025-4F57-912B-C66059182EB2} - System32\Tasks\{A9A08A0A-2CEA-4D00-A75E-EF0D43504DCD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C17379A0-42D4-4745-BD85-09ED8D43DFA6} - System32\Tasks\{550E9F62-543F-4E8A-924D-F32677FE9719} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C1824011-F93C-4B0F-BF9E-22FA0DBDE9A4} - System32\Tasks\{94C27173-B0C4-4D86-8B61-808791FD17FC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C346BFBC-E4E7-4B85-AB8F-F75B83DC03CF} - System32\Tasks\{8BADB326-0616-498A-8777-1E3D3AF2E436} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C36AE90C-0617-4C3E-966F-35DB6F23FEFC} - System32\Tasks\{B383FFFC-3B04-4135-B190-2BF87BFA92C5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C5C997E3-4502-45D9-8719-B1025466AD6F} - System32\Tasks\{E5834AF8-DEAE-4A96-8C61-5567371994E6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C69FE132-CD7D-4735-A5E0-88014DC1DEC1} - System32\Tasks\{FE407C39-39D1-4A69-8DE8-D0F1A1B96C97} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C717E799-C181-40CE-8502-6675E2A7FA25} - System32\Tasks\{0FB69A4B-61E7-4021-948D-B70557C78443} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C801D9E6-BD50-41AC-B90D-58C3EFEFAAA1} - System32\Tasks\{F7D80B55-F2FC-4602-8568-00E127872C32} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C848798A-1A92-4724-B9BB-24F87C0D35BE} - System32\Tasks\{7F34DAA1-76C5-4CDA-B41C-6D0C07F53F25} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C934DA97-120E-4159-84D0-A8A43D631C7F} - System32\Tasks\{2E5AD490-9B78-4664-991D-6D2D51A35670} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C9C0D789-6900-4005-B48C-DC218C741FD8} - System32\Tasks\{976762DA-D619-4BF2-B52A-CC5E18FBDF62} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C9E799C2-3C38-4568-B39C-4D25A3C81E3F} - System32\Tasks\{977ECD51-3402-4819-AC9E-C46CE4347A47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C9EBB9C2-8B13-4AEE-AD05-FF91EF38B376} - System32\Tasks\{9428CADD-2515-4A11-9C87-A174E50D2850} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CAF4FDFC-02B3-4BBD-A30F-599EAA6212C4} - System32\Tasks\{DA4DFE55-0B00-485E-9C43-1114085DA651} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CF3A1138-31B5-4C0A-9EF1-9F020520EF5B} - System32\Tasks\{CD4AC491-85B9-43F8-BB0A-96714DCFB758} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D0BA003D-1C65-46CF-A8C3-DD8A77CDF2F0} - System32\Tasks\{0C3C9B5F-6D12-40FF-BFDB-8FB6988828E2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D1A7085C-6D96-4BD4-998E-9778CCFCB48F} - System32\Tasks\{D3A41E7E-F3A4-425D-A547-79A70BA44CFB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D1EC85DC-97C8-4173-A256-865A458CBDE5} - System32\Tasks\{6C656DAE-A546-405C-8E96-4E408FBF7B6A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D352278A-CB1B-4497-8666-896BE52FE01D} - System32\Tasks\{EDD3DBB0-E607-4075-9D25-764C6792C850} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D467D0BC-3B8A-4397-B8A2-D09625CC545A} - System32\Tasks\{E3F9AA4E-4696-422D-BDFE-CDA329B94A45} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D48DD1DE-06FD-466A-9982-FF92998E9A97} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {D61E01FC-79F2-413F-B07E-247EA8AEEC3C} - System32\Tasks\{CE30A575-D9B1-45E9-B041-CE12B31179D9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D65D800E-CE00-46AC-984E-93EAFF011478} - System32\Tasks\{ABEBEE8D-9710-47A6-AFE6-2397A005516B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6CA1DFC-8DF1-47E3-851A-DAA99FCE9A1C} - System32\Tasks\{E70D4D37-1474-4A3D-B1FA-394C9689A909} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6ED5B0F-C746-4B58-9497-F165A9B09E1F} - System32\Tasks\{57F219D4-8759-4261-9191-7F9D6050C507} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D76F8BE7-B412-448B-A1DF-D7CB11605134} - System32\Tasks\{A8373D97-0428-4533-B91F-A2D4BA029E8D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D7FD87C8-99B2-4412-AD83-5A9B590F8A2F} - System32\Tasks\{47367602-EC09-49AF-8918-C3DBFEF7A8F8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D8561A16-7AA5-46B3-927F-10E99B0EA727} - System32\Tasks\{37BCB3ED-4EF3-4C3B-8923-C6C253A2D8D6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D878E4DC-7B64-4AA9-93C1-1FC62B6A43DD} - System32\Tasks\{81D1964C-B60E-4A64-B039-6BC087BB6433} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D8ECB827-262E-4E78-B597-C76ABA0F0C1E} - System32\Tasks\{65CDDE18-F79E-4BAC-A2C0-580329B13B0C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D94D6C2B-00CE-4A65-8E0E-0A8DA7FEDF8F} - System32\Tasks\{D2F80E0E-126F-45EB-B819-96E547238FC7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DBF7015D-F14E-437E-A678-7637B04443ED} - System32\Tasks\{0C490965-DB11-45D3-8744-DA05FF60FBA3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DC043408-CEFB-4ECD-AB73-3998C1127944} - System32\Tasks\{0FEB2427-D091-4E07-B2BB-D1CB4D578D09} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE6B11DF-C28D-48DE-82E9-76CB5D1B0195} - System32\Tasks\{C332C76C-9EF1-4CB5-BCD8-6A84827139C4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DEF5CF1B-8461-4E21-9537-DC4F288F12BA} - System32\Tasks\{C7A71693-0C15-4F9A-A7F4-C8AF7763C68F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E05DE9AD-B0F7-423C-A046-76316F6306F2} - System32\Tasks\{D6EE1BDA-0369-4E60-A60B-43A29D13B5A4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E13F1E48-2DA8-4EF2-ABB1-D8D0650C83CC} - System32\Tasks\{9177A155-4A94-452F-A51C-CF8285A2DF28} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E1D7CDF9-A4E8-47AC-B1D0-BE029518D664} - System32\Tasks\{C156147E-377E-4E6A-8C3B-FBC64235D37D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E357E2CA-70EE-4195-BB67-D8E565748A4D} - System32\Tasks\{7EDD00EA-E44D-4F5C-B4C7-30AB99831125} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E8D24BD4-856D-4C87-8F23-64C496D394F6} - System32\Tasks\{906B483F-E4BB-4D0C-AC7D-352939D769C9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ED66F0A3-6661-4AE6-B6A8-F861934033C8} - System32\Tasks\{C216179C-494C-4D24-89CD-1CDE8EAEED4C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ED8E3757-E99D-4E89-A2A8-422AF7B10D11} - System32\Tasks\{BDA94453-AB91-4AB5-BAF9-71FABBC4AB51} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EDCD7CA3-4CD8-43AB-84C3-FB0DBAF06EEB} - System32\Tasks\{3A20BF88-5C33-4029-85CD-2628030CEC5D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F0599DAB-A7E2-44E7-B794-9C33D191E577} - System32\Tasks\{25D27403-6B66-4A06-A6F1-312A4A10C309} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F175EFCB-6352-4B30-AAA3-768042F16C31} - System32\Tasks\{01CEFB0E-93B3-4825-8046-EDDDF6B54ECA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F19AEDDB-B5EE-4178-9585-8AE93DF13D7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {F1E2BD12-1C36-45F9-9785-C548F686A4F3} - System32\Tasks\{DFFB1E73-2577-4AC9-A91E-358A36237D77} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F306A30B-6F44-49B6-8601-C19BE393AD9E} - System32\Tasks\{BA07F95D-F7C0-4BEE-9CDE-2A586B4A7DA8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F45C78C6-1605-4F79-B906-1375ED8908CF} - System32\Tasks\{9853DBA1-79BF-4D8A-AEF8-D1765DCA4C89} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F59F931A-A92A-4546-B398-A946312FF1AF} - System32\Tasks\{DDC5EEF6-C68C-41C3-8A17-AE2BBD436E38} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F7706106-8B1D-4FBA-B153-48F83C866E5B} - System32\Tasks\{100C6643-DC11-4A5E-AC62-B4CD36F4F049} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F8189D72-C02F-4FBC-B634-45CCD648D99E} - System32\Tasks\{BEB7389C-112B-415C-9C01-72B0B7D14B4A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F8AF864D-DBE5-4CB4-A53D-26A5028532EE} - System32\Tasks\{26422DAD-EA1F-4837-BC6B-725EBE5DE28F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F973B065-DE47-4E36-8B96-1C3483FB26FC} - System32\Tasks\{2EA66429-F215-435F-A4E4-4C7506CFF7EE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FAE23475-9D88-4969-93E6-74EC368AD31B} - System32\Tasks\{5AFF6AD9-90B0-42FF-8453-8FDB48FB0477} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FCF20A30-BE0F-40CC-A3A9-CDF4352C9032} - System32\Tasks\{F7F203BF-3859-4F8F-B372-F2CCAAA79D72} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDC7EDA3-7AFF-4BD7-ACA9-8BFD35B81285} - System32\Tasks\{B9FD6C4C-A59C-4E25-9DB4-9019E17A2CD1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FE088CD7-DC4B-418B-8409-BD375F38AA25} - System32\Tasks\{56B03B94-A02A-4EA8-91CC-568AF1623864} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-20 20:16 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-11-20 13:46 - 2008-06-04 07:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2009-08-14 11:16 - 2009-08-14 11:16 - 00022016 _____ () C:\Windows\System32\sse1ml6.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2010-10-05 15:28 - 2010-10-05 15:28 - 01060352 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2010-10-05 15:27 - 2010-10-05 15:27 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-14 21:59 - 2011-11-07 09:52 - 00220944 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
2014-02-14 21:59 - 2011-11-07 09:52 - 00036624 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
2014-02-14 21:59 - 2011-05-06 04:03 - 00594944 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-1.dll
2014-02-14 21:59 - 2011-11-07 09:39 - 00099328 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\itapi.dll
2014-02-14 21:59 - 2011-11-07 09:38 - 00027136 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\log.dll
2014-02-14 21:59 - 2010-10-14 10:37 - 00971776 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\libxml2.dll
2014-02-14 21:59 - 2010-10-14 10:37 - 00080688 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\zlib1.dll
2014-02-14 21:59 - 2011-11-07 09:38 - 00055296 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\coder.dll
2014-02-14 21:59 - 2011-11-07 09:39 - 00043008 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\audio.dll
2014-02-14 21:59 - 2011-11-07 09:38 - 00035840 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\libConfig.dll
2014-02-14 21:59 - 2011-11-07 09:43 - 00020992 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\libctlsvr.dll
2010-04-26 10:36 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2014-03-20 15:54 - 2014-03-20 15:54 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-14 21:59 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\libexpat.dll
2014-02-14 21:59 - 2011-05-06 04:02 - 00341504 _____ () C:\Program Files (x86)\congstar\Internet-Manager\Bin\sqlite3.dll
2014-03-11 21:05 - 2014-03-11 21:05 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Biet-O-Matic.lnk => C:\Windows\pss\Biet-O-Matic.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^*********^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^*********^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: Greenshot => C:\Program Files (x86)\Greenshot\Greenshot.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2014 09:01:36 AM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000185
Datenträgertyp: 0

Error: (03/22/2014 09:01:36 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_WdiServiceHost, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: perftrack.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5be031
Ausnahmecode: 0xc0000006
Fehleroffset: 0x000000000004628d
ID des fehlerhaften Prozesses: 0x14c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_WdiServiceHost0
Pfad der fehlerhaften Anwendung: svchost.exe_WdiServiceHost1
Pfad des fehlerhaften Moduls: svchost.exe_WdiServiceHost2
Berichtskennung: svchost.exe_WdiServiceHost3

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93585

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93585

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 77985

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 77985

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2014 05:22:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62385

Error: (03/22/2014 05:22:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62385


System errors:
=============
Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (03/22/2014 09:15:34 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (03/22/2014 09:01:36 AM) (Source: Application Error)(User: )
Description: Hostprozess für Windows-DiensteC00001850

Error: (03/22/2014 09:01:36 AM) (Source: Application Error)(User: )
Description: svchost.exe_WdiServiceHost6.1.7600.163854a5bc3c1perftrack.dll6.1.7600.163854a5be031c0000006000000000004628d14c01cf449355ca8e80C:\Windows\system32\svchost.exeC:\Windows\system32\perftrack.dll309388df-b198-11e3-b348-c80aa97ce6d1

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 93585

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 93585

Error: (03/22/2014 05:22:45 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 77985

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 77985

Error: (03/22/2014 05:22:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2014 05:22:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62385

Error: (03/22/2014 05:22:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62385


CodeIntegrity Errors:
===================================
  Date: 2014-03-20 16:28:19.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 16:28:19.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 16:28:19.188
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 16:28:19.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 16:28:19.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 16:28:19.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 18:47:33.714
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 18:47:33.698
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 18:47:33.698
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 18:47:33.682
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 55%
Total physical RAM: 3838.23 MB
Available physical RAM: 1721.74 MB
Total Pagefile: 7674.65 MB
Available Pagefile: 5316.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:583.07 GB) (Free:470.33 GB) NTFS
Drive d: (Steuer2013) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 192B6836)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=583 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 23.03.2014, 10:02

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Seppelscrabl · 23.03.2014, 16:57

Code:

ATTFilter

ComboFix 14-03-23.01 - ***** 23.03.2014  16:37:05.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3838.1986 [GMT 1:00]
ausgeführt von:: c:\users\*******\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-23 bis 2014-03-23  ))))))))))))))))))))))))))))))
.
.
2014-03-23 15:48 . 2014-03-23 15:48	--------	d-----w-	c:\users\Jana\AppData\Local\temp
2014-03-23 15:48 . 2014-03-23 15:48	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-03-23 15:48 . 2014-03-23 15:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-22 09:38 . 2014-03-22 09:40	--------	d-----w-	C:\FRST
2014-03-15 15:50 . 2014-01-29 02:32	484864	----a-w-	c:\windows\system32\wer.dll
2014-03-15 15:50 . 2014-01-29 02:06	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-03-15 15:50 . 2014-01-28 02:32	228864	----a-w-	c:\windows\system32\wwansvc.dll
2014-03-15 15:50 . 2014-02-07 01:23	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-03-15 15:50 . 2014-02-04 02:32	624128	----a-w-	c:\windows\system32\qedit.dll
2014-03-15 15:50 . 2014-02-04 02:04	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-03-15 15:50 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-03-15 15:50 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-03-09 15:32 . 2014-03-20 16:38	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2014-03-08 11:09 . 2014-03-08 11:09	--------	d-----w-	c:\program files\CCleaner
2014-03-04 18:03 . 2014-03-04 18:03	--------	d-----w-	c:\program files (x86)\Atheros
2014-03-04 18:03 . 2006-12-01 22:37	904704	----a-w-	c:\program files\Common Files\Microsoft Shared\VC\msdia80.dll
2014-03-04 18:02 . 2014-03-04 18:03	--------	d-----w-	c:\programdata\Atheros
2014-03-04 18:02 . 2014-03-04 18:02	--------	d-----w-	c:\users\*****\AppData\Roaming\InstallShield
2014-02-28 06:23 . 2014-02-28 06:47	--------	d-----w-	C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-27 05:58 . 2014-02-27 05:58	--------	d-----w-	c:\windows\Migration
2014-02-27 05:54 . 2014-02-27 21:00	--------	d-----w-	C:\97c4388b07878cb82301031cef59e275
2014-02-21 16:30 . 2014-03-08 10:15	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-02-21 16:30 . 2014-03-08 10:17	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-20 22:43 . 2011-12-03 07:50	90015360	----a-w-	c:\windows\system32\MRT.exe
2014-03-20 15:12 . 2014-02-16 07:26	625248	----a-w-	c:\windows\system32\drivers\klif.sys
2014-03-20 15:12 . 2014-02-16 07:26	115296	----a-w-	c:\windows\system32\drivers\klflt.sys
2014-03-11 20:05 . 2012-08-20 20:41	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 20:05 . 2011-11-12 16:19	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 15:54 . 2013-10-17 14:47	29280	----a-w-	c:\windows\system32\drivers\klkbdflt.sys
2014-02-17 15:54 . 2013-06-06 16:38	178272	----a-w-	c:\windows\system32\drivers\kneps.sys
2014-02-17 15:54 . 2013-10-17 14:47	458336	----a-w-	c:\windows\system32\drivers\kl1.sys
2014-02-16 06:44 . 2012-07-17 13:37	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-12-24 23:09 . 2014-02-12 17:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-12 17:59	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-12-09 03:43 . 2013-12-09 03:43	49940480	----a-w-	c:\program files (x86)\GUTE770.tmp
2013-02-10 06:50 . 2013-02-10 06:50	4126720	----a-w-	c:\program files (x86)\GUT6E34.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-2 110592]
MCtlSvc.lnk - c:\program files (x86)\congstar\Internet-Manager\Bin\mcserver.exe [2014-2-14 60688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbmdm.sys [x]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbnmea.sys [x]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\DRIVERS\HSPADataCardusbser.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbser.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [x]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 20:05]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 18:02]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 18:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-25 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-25 877600]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-05 324608]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-03-10 496160]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = localhost:8080
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_f5a04fa3358b4ced9fc272759f8df7d9_39_1006_20140216_DE_ff_ab_adppi5&query=
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-23  16:51:56
ComboFix-quarantined-files.txt  2014-03-23 15:51
.
Vor Suchlauf: 17 Verzeichnis(se), 510.812.086.272 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 510.682.320.896 Bytes frei
.
- - End Of File - - F46643222961B6CE6484BAAC28919647
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 24.03.2014, 11:27

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Seppelscrabl · 26.03.2014, 17:31

Hi,

danke für deine vielen Tipps.

Malwarebites Anti Malware habe ich jetzt zweimal laufen lassen.
Jedes Mal war der Rechner für 14 nzw. 24 Std. beschäftigt, hat nichts gefunden und am Schluss sich komplett aufgehängt bevor ein protokoll geschrieben wurde

Ich gehe jetzt mal zu Schritt 2 und lasse den AdwCleaner laufen in der Hoffnung, dass ich heute Abend ein Ergebnis habe.

Grüße

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 26/03/2014 um 07:43:24
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Mosmann - MOSMANN-PC
# Gestartet von : C:\Users\Mosmann\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden C:\Program Files (x86)\Advanced System Protector
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\Users\Mosmann\AppData\Roaming\pdfforge
Ordner Gefunden C:\Users\Mosmann\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\distromatic
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\distromatic
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2695 octets] - [26/03/2014 07:43:24]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2755 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mosmann on 26.03.2014 at 16:42:34,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Amazon1ButtonTaskbarApp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Amazon1ButtonTaskbarApp_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Amazon1ButtonTaskbarApp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Amazon1ButtonTaskbarApp_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Mosmann\AppData\Roaming\mozilla\firefox\profiles\2ov2tit4.default\minidumps [1890 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.03.2014 at 17:05:45,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mosmann (administrator) on MOSMANN-PC on 26-03-2014 17:26:48
Running from C:\Users\Mosmann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ZTE) C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-22] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE454
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default
FF SearchEngineOrder.1: Amazon 
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_f5a04fa3358b4ced9fc272759f8df7d9_39_1006_20140216_DE_ff_ab_adppi5&query=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 - C:\Users\Mosmann\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ( )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Tradesignal Online Chart - C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2014-02-12]
FF Extension: DownloadHelper - C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-16]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352 2010-10-05] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [485376 2010-10-05] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-23] (DT Soft Ltd)
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-17] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-17] (Kaspersky Lab ZAO)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-26 17:05 - 2014-03-26 17:05 - 00001257 _____ () C:\Users\Mosmann\Desktop\JRT.txt
2014-03-26 16:42 - 2014-03-26 16:42 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 16:31 - 2014-03-26 16:32 - 01038974 _____ (Thisisu) C:\Users\Mosmann\Downloads\JRT.exe
2014-03-26 07:43 - 2014-03-26 07:48 - 00000000 ____D () C:\AdwCleaner
2014-03-26 07:42 - 2014-03-26 07:43 - 01950720 _____ () C:\Users\Mosmann\Downloads\adwcleaner.exe
2014-03-24 20:59 - 2014-03-26 07:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:59 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-24 20:59 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-24 20:59 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-24 20:57 - 2014-03-24 20:58 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Mosmann\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 20:48 - 2014-03-24 20:48 - 00294728 _____ () C:\Windows\Minidump\032414-69264-01.dmp
2014-03-23 17:12 - 2014-03-23 18:45 - 00004439 _____ () C:\jtl_ea_log_0.zip
2014-03-23 16:51 - 2014-03-23 16:51 - 00024642 _____ () C:\ComboFix.txt
2014-03-23 16:24 - 2014-03-23 16:24 - 00331600 _____ () C:\Windows\Minidump\032314-72493-01.dmp
2014-03-23 13:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-23 13:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-23 13:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-23 13:50 - 2014-03-23 16:51 - 00000000 ____D () C:\Qoobox
2014-03-23 11:06 - 2014-03-23 15:19 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 11:05 - 2014-03-23 11:06 - 05190773 ____R (Swearware) C:\Users\Mosmann\Desktop\ComboFix.exe
2014-03-22 10:39 - 2014-03-22 10:40 - 00089318 _____ () C:\Users\Mosmann\Downloads\Addition.txt
2014-03-22 10:38 - 2014-03-26 17:26 - 00017304 _____ () C:\Users\Mosmann\Downloads\FRST.txt
2014-03-22 10:38 - 2014-03-26 17:26 - 00000000 ____D () C:\FRST
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\Mosmann\Downloads\FRST64.exe
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-21 23:37 - 2014-03-22 00:09 - 00014090 _____ () C:\Users\Mosmann\Downloads\hijackthis.log
2014-03-21 23:27 - 2014-03-21 23:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mosmann\Downloads\HiJackThis204.exe
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 18:52 - 2014-02-23 08:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 18:52 - 2014-02-23 07:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 18:52 - 2014-02-23 07:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 07:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 07:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 07:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 07:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 18:52 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 18:52 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 18:52 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 18:52 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 18:52 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 18:52 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-17 18:52 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 18:52 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 16:50 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 16:50 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 16:50 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 16:50 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 16:50 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-09 16:32 - 2014-03-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\Mosmann\Downloads\amw1421.bin
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-06 21:25 - 2014-03-10 07:39 - 00007593 _____ () C:\Users\Mosmann\AppData\Local\Resmon.ResmonCfg
2014-03-05 19:52 - 2014-03-05 20:35 - 00000889 _____ () C:\Users\Mosmann\Desktop\Auswertung_Lipos.csv
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:02 - 2014-03-04 19:03 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\InstallShield
2014-02-28 07:23 - 2014-02-28 07:47 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-27 06:54 - 2014-02-27 22:00 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275

==================== One Month Modified Files and Folders =======

2014-03-26 17:28 - 2014-03-22 10:38 - 00017304 _____ () C:\Users\Mosmann\Downloads\FRST.txt
2014-03-26 17:26 - 2014-03-22 10:38 - 00000000 ____D () C:\FRST
2014-03-26 17:11 - 2011-11-13 15:00 - 00000000 ____D () C:\Users\Mosmann\Documents\Outlook-Dateien
2014-03-26 17:05 - 2014-03-26 17:05 - 00001257 _____ () C:\Users\Mosmann\Desktop\JRT.txt
2014-03-26 16:56 - 2012-08-20 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 16:42 - 2014-03-26 16:42 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 16:32 - 2014-03-26 16:31 - 01038974 _____ (Thisisu) C:\Users\Mosmann\Downloads\JRT.exe
2014-03-26 16:26 - 2014-02-16 08:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-26 08:39 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 08:39 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 07:54 - 2011-10-11 08:40 - 01573054 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 07:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 07:50 - 2009-07-14 05:51 - 00072439 _____ () C:\Windows\setupact.log
2014-03-26 07:48 - 2014-03-26 07:43 - 00000000 ____D () C:\AdwCleaner
2014-03-26 07:43 - 2014-03-26 07:42 - 01950720 _____ () C:\Users\Mosmann\Downloads\adwcleaner.exe
2014-03-26 07:36 - 2014-03-24 20:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-26 01:24 - 2013-12-03 08:29 - 662454227 _____ () C:\Windows\MEMORY.DMP
2014-03-25 20:58 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-25 20:23 - 2011-11-20 13:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-03-25 17:04 - 2013-06-24 20:08 - 00000000 ____D () C:\Users\Mosmann\AppData\Local\CrashDumps
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:58 - 2014-03-24 20:57 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Mosmann\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 20:48 - 2014-03-24 20:48 - 00294728 _____ () C:\Windows\Minidump\032414-69264-01.dmp
2014-03-24 20:48 - 2013-12-03 08:29 - 00000000 ____D () C:\Windows\Minidump
2014-03-24 20:48 - 2011-10-11 08:37 - 00925874 _____ () C:\Windows\PFRO.log
2014-03-23 20:03 - 2013-05-30 13:36 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\jtl-software
2014-03-23 18:55 - 2013-11-06 22:43 - 00042496 _____ () C:\Users\Mosmann\Desktop\Umsatzstatistik_CMD_Modelltechnik.xls
2014-03-23 18:45 - 2014-03-23 17:12 - 00004439 _____ () C:\jtl_ea_log_0.zip
2014-03-23 16:51 - 2014-03-23 16:51 - 00024642 _____ () C:\ComboFix.txt
2014-03-23 16:51 - 2014-03-23 13:50 - 00000000 ____D () C:\Qoobox
2014-03-23 16:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-23 16:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-23 16:24 - 2014-03-23 16:24 - 00331600 _____ () C:\Windows\Minidump\032314-72493-01.dmp
2014-03-23 15:19 - 2014-03-23 11:06 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 11:06 - 2014-03-23 11:05 - 05190773 ____R (Swearware) C:\Users\Mosmann\Desktop\ComboFix.exe
2014-03-22 18:33 - 2012-03-16 22:00 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\FileZilla
2014-03-22 16:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-22 10:40 - 2014-03-22 10:39 - 00089318 _____ () C:\Users\Mosmann\Downloads\Addition.txt
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\Mosmann\Downloads\FRST64.exe
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-22 00:09 - 2014-03-21 23:37 - 00014090 _____ () C:\Users\Mosmann\Downloads\hijackthis.log
2014-03-21 23:33 - 2011-10-11 08:55 - 00000000 ____D () C:\Users\Mosmann\AppData\Local\VirtualStore
2014-03-21 23:31 - 2014-03-21 23:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mosmann\Downloads\HiJackThis204.exe
2014-03-21 00:20 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 23:43 - 2011-12-03 08:50 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 17:38 - 2014-03-09 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-20 16:12 - 2014-02-16 08:26 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-20 16:12 - 2014-02-16 08:26 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 19:14 - 2009-07-14 05:45 - 00428632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 18:54 - 2010-04-26 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-11 21:05 - 2012-08-20 21:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2012-08-20 21:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:05 - 2011-11-12 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 07:39 - 2014-03-06 21:25 - 00007593 _____ () C:\Users\Mosmann\AppData\Local\Resmon.ResmonCfg
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\Mosmann\Downloads\amw1421.bin
2014-03-08 18:38 - 2013-02-08 19:02 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 18:38 - 2013-02-08 19:02 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:24 - 2011-10-11 08:55 - 00000000 ___RD () C:\Users\Mosmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-08 18:23 - 2013-02-08 19:02 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-08 18:23 - 2013-02-08 19:02 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-08 18:20 - 2013-09-23 18:14 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\Dropbox
2014-03-08 18:19 - 2013-09-23 18:16 - 00000000 ___RD () C:\Users\Mosmann\Dropbox
2014-03-08 18:19 - 2012-06-11 20:21 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\BOM
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-08 11:17 - 2014-02-21 17:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-08 11:15 - 2014-02-21 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-07 18:06 - 2012-01-22 18:15 - 00000659 _____ () C:\Windows\wiso.ini
2014-03-05 20:35 - 2014-03-05 19:52 - 00000889 _____ () C:\Users\Mosmann\Desktop\Auswertung_Lipos.csv
2014-03-05 09:26 - 2014-03-24 20:59 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-24 20:59 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-24 20:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 03:55 - 2012-02-08 10:37 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\Skype
2014-03-04 20:41 - 2012-01-23 19:24 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:03 - 2014-03-04 19:02 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:03 - 2010-04-26 09:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\InstallShield
2014-03-01 09:52 - 2011-10-11 18:30 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 09:52 - 2011-10-11 18:30 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 09:52 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 20:11 - 2013-10-03 18:36 - 00000000 ____D () C:\Users\Mosmann\Documents\Bewerbungsunterlagen
2014-02-28 07:47 - 2014-02-28 07:23 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-28 07:27 - 2013-06-04 17:53 - 01603788 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 22:00 - 2014-02-27 06:54 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275
2014-02-26 18:02 - 2014-02-23 22:13 - 00011626 _____ () C:\Users\Mosmann\Desktop\Bestellung Maytech.xlsx
2014-02-25 19:42 - 2011-11-20 09:33 - 00000000 ____D () C:\Users\Mosmann\Documents\CMD-Modelltechnik

Some content of TEMP:
====================
C:\Users\Mosmann\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 16:24

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 27.03.2014, 12:17

Hast Du AdwCleaner auch löschen lassen?

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Seppelscrabl · 29.03.2014, 18:20

Adware habe ich löschen lassen.

ESET lässt meinen Rechner immer abstürzen.Anbei was ich aus dem LOG herausbekommen habe.

Ich mache mit dem nächsten Schritt weiter.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 7 Update 5  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (28.0) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Hallo, anbei der FRST Log,
wirklich schneller ist der Rechner aber leider noch nicht...

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mosmann (administrator) on MOSMANN-PC on 29-03-2014 18:06:13
Running from C:\Users\Mosmann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ZTE) C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-22] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5553g&r=27361011h606l0413z1i5t5581l60r
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE454
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default
FF SearchEngineOrder.1: Amazon 
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-de-ff-21&tbrId=v1_abb-channel-23_f5a04fa3358b4ced9fc272759f8df7d9_39_1006_20140216_DE_ff_ab_adppi5&query=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 - C:\Users\Mosmann\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ( )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Tradesignal Online Chart - C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2014-02-12]
FF Extension: DownloadHelper - C:\Users\Mosmann\AppData\Roaming\Mozilla\Firefox\Profiles\2ov2tit4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-16]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352 2010-10-05] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [485376 2010-10-05] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-23] (DT Soft Ltd)
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-17] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-17] (Kaspersky Lab ZAO)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 15:32 - 2014-03-29 15:32 - 00987442 _____ () C:\Users\Mosmann\Desktop\SecurityCheck.exe
2014-03-29 15:20 - 2014-03-29 15:20 - 00302928 _____ () C:\Windows\Minidump\032914-71464-01.dmp
2014-03-27 23:19 - 2014-03-27 23:19 - 00294672 _____ () C:\Windows\Minidump\032714-66472-01.dmp
2014-03-27 20:30 - 2014-03-27 20:30 - 00302928 _____ () C:\Windows\Minidump\032714-64506-01.dmp
2014-03-27 18:05 - 2014-03-27 18:06 - 02347384 _____ (ESET) C:\Users\Mosmann\Downloads\esetsmartinstaller_enu.exe
2014-03-26 17:45 - 2014-03-26 17:45 - 00307024 _____ () C:\Windows\Minidump\032614-68500-01.dmp
2014-03-26 17:05 - 2014-03-26 17:05 - 00001257 _____ () C:\Users\Mosmann\Desktop\JRT.txt
2014-03-26 16:42 - 2014-03-26 16:42 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 16:31 - 2014-03-26 16:32 - 01038974 _____ (Thisisu) C:\Users\Mosmann\Downloads\JRT.exe
2014-03-26 07:43 - 2014-03-26 07:48 - 00000000 ____D () C:\AdwCleaner
2014-03-26 07:42 - 2014-03-26 07:43 - 01950720 _____ () C:\Users\Mosmann\Downloads\adwcleaner.exe
2014-03-24 20:59 - 2014-03-26 07:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:59 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-24 20:59 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-24 20:59 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-24 20:57 - 2014-03-24 20:58 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Mosmann\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 20:48 - 2014-03-24 20:48 - 00294728 _____ () C:\Windows\Minidump\032414-69264-01.dmp
2014-03-23 17:12 - 2014-03-23 18:45 - 00004439 _____ () C:\jtl_ea_log_0.zip
2014-03-23 16:51 - 2014-03-23 16:51 - 00024642 _____ () C:\ComboFix.txt
2014-03-23 16:24 - 2014-03-23 16:24 - 00331600 _____ () C:\Windows\Minidump\032314-72493-01.dmp
2014-03-23 13:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-23 13:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-23 13:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-23 13:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-23 13:50 - 2014-03-23 16:51 - 00000000 ____D () C:\Qoobox
2014-03-23 11:06 - 2014-03-23 15:19 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 11:05 - 2014-03-23 11:06 - 05190773 ____R (Swearware) C:\Users\Mosmann\Desktop\ComboFix.exe
2014-03-22 10:39 - 2014-03-22 10:40 - 00089318 _____ () C:\Users\Mosmann\Downloads\Addition.txt
2014-03-22 10:38 - 2014-03-29 18:06 - 00017627 _____ () C:\Users\Mosmann\Downloads\FRST.txt
2014-03-22 10:38 - 2014-03-29 18:06 - 00000000 ____D () C:\FRST
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\Mosmann\Downloads\FRST64.exe
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-21 23:37 - 2014-03-22 00:09 - 00014090 _____ () C:\Users\Mosmann\Downloads\hijackthis.log
2014-03-21 23:27 - 2014-03-21 23:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mosmann\Downloads\HiJackThis204.exe
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 18:52 - 2014-02-23 08:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 18:52 - 2014-02-23 07:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 18:52 - 2014-02-23 07:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 18:52 - 2014-02-23 07:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 07:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-17 18:52 - 2014-02-23 07:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 18:52 - 2014-02-23 07:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 07:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 07:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 07:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 07:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 18:52 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 18:52 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 18:52 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 18:52 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 18:52 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 18:52 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 18:52 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-17 18:52 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 18:52 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 18:52 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 18:52 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 18:52 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-17 18:52 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 16:50 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 16:50 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 16:50 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-15 16:50 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 16:50 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 16:50 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-09 16:32 - 2014-03-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\Mosmann\Downloads\amw1421.bin
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-06 21:25 - 2014-03-10 07:39 - 00007593 _____ () C:\Users\Mosmann\AppData\Local\Resmon.ResmonCfg
2014-03-05 19:52 - 2014-03-05 20:35 - 00000889 _____ () C:\Users\Mosmann\Desktop\Auswertung_Lipos.csv
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:02 - 2014-03-04 19:03 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\InstallShield
2014-02-28 07:23 - 2014-02-28 07:47 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-27 06:54 - 2014-02-27 22:00 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275

==================== One Month Modified Files and Folders =======

2014-03-29 18:10 - 2014-03-22 10:38 - 00017627 _____ () C:\Users\Mosmann\Downloads\FRST.txt
2014-03-29 18:06 - 2014-03-22 10:38 - 00000000 ____D () C:\FRST
2014-03-29 17:56 - 2012-08-20 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-29 15:37 - 2014-02-16 08:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-29 15:32 - 2014-03-29 15:32 - 00987442 _____ () C:\Users\Mosmann\Desktop\SecurityCheck.exe
2014-03-29 15:28 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 15:28 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 15:24 - 2011-10-11 08:40 - 01630003 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 15:20 - 2014-03-29 15:20 - 00302928 _____ () C:\Windows\Minidump\032914-71464-01.dmp
2014-03-29 15:20 - 2013-12-03 08:29 - 00000000 ____D () C:\Windows\Minidump
2014-03-29 15:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 15:20 - 2009-07-14 05:51 - 00072887 _____ () C:\Windows\setupact.log
2014-03-29 15:19 - 2013-12-03 08:29 - 497630035 _____ () C:\Windows\MEMORY.DMP
2014-03-29 13:32 - 2011-11-13 15:00 - 00000000 ____D () C:\Users\Mosmann\Documents\Outlook-Dateien
2014-03-29 13:15 - 2011-10-11 08:46 - 00000000 ____D () C:\Users\Mosmann
2014-03-29 13:13 - 2013-02-08 19:02 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-29 13:13 - 2013-02-08 19:02 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-28 18:20 - 2013-11-06 22:43 - 00042496 _____ () C:\Users\Mosmann\Desktop\Umsatzstatistik_CMD_Modelltechnik.xls
2014-03-28 17:35 - 2013-06-24 20:08 - 00000000 ____D () C:\Users\Mosmann\AppData\Local\CrashDumps
2014-03-28 04:36 - 2013-02-08 19:02 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 04:36 - 2013-02-08 19:02 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 23:19 - 2014-03-27 23:19 - 00294672 _____ () C:\Windows\Minidump\032714-66472-01.dmp
2014-03-27 20:30 - 2014-03-27 20:30 - 00302928 _____ () C:\Windows\Minidump\032714-64506-01.dmp
2014-03-27 18:06 - 2014-03-27 18:05 - 02347384 _____ (ESET) C:\Users\Mosmann\Downloads\esetsmartinstaller_enu.exe
2014-03-26 17:45 - 2014-03-26 17:45 - 00307024 _____ () C:\Windows\Minidump\032614-68500-01.dmp
2014-03-26 17:05 - 2014-03-26 17:05 - 00001257 _____ () C:\Users\Mosmann\Desktop\JRT.txt
2014-03-26 16:42 - 2014-03-26 16:42 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 16:32 - 2014-03-26 16:31 - 01038974 _____ (Thisisu) C:\Users\Mosmann\Downloads\JRT.exe
2014-03-26 07:48 - 2014-03-26 07:43 - 00000000 ____D () C:\AdwCleaner
2014-03-26 07:43 - 2014-03-26 07:42 - 01950720 _____ () C:\Users\Mosmann\Downloads\adwcleaner.exe
2014-03-26 07:36 - 2014-03-24 20:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-25 20:58 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-25 20:23 - 2011-11-20 13:52 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:59 - 2014-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:58 - 2014-03-24 20:57 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Mosmann\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 20:48 - 2014-03-24 20:48 - 00294728 _____ () C:\Windows\Minidump\032414-69264-01.dmp
2014-03-24 20:48 - 2011-10-11 08:37 - 00925874 _____ () C:\Windows\PFRO.log
2014-03-23 20:03 - 2013-05-30 13:36 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\jtl-software
2014-03-23 18:45 - 2014-03-23 17:12 - 00004439 _____ () C:\jtl_ea_log_0.zip
2014-03-23 16:51 - 2014-03-23 16:51 - 00024642 _____ () C:\ComboFix.txt
2014-03-23 16:51 - 2014-03-23 13:50 - 00000000 ____D () C:\Qoobox
2014-03-23 16:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-23 16:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-23 16:24 - 2014-03-23 16:24 - 00331600 _____ () C:\Windows\Minidump\032314-72493-01.dmp
2014-03-23 15:19 - 2014-03-23 11:06 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 11:06 - 2014-03-23 11:05 - 05190773 ____R (Swearware) C:\Users\Mosmann\Desktop\ComboFix.exe
2014-03-22 18:33 - 2012-03-16 22:00 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\FileZilla
2014-03-22 16:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-22 10:40 - 2014-03-22 10:39 - 00089318 _____ () C:\Users\Mosmann\Downloads\Addition.txt
2014-03-22 10:37 - 2014-03-22 10:37 - 02157056 _____ (Farbar) C:\Users\Mosmann\Downloads\FRST64.exe
2014-03-22 09:09 - 2014-03-22 09:09 - 00315272 _____ () C:\Windows\Minidump\032214-69326-01.dmp
2014-03-22 00:09 - 2014-03-21 23:37 - 00014090 _____ () C:\Users\Mosmann\Downloads\hijackthis.log
2014-03-21 23:33 - 2011-10-11 08:55 - 00000000 ____D () C:\Users\Mosmann\AppData\Local\VirtualStore
2014-03-21 23:31 - 2014-03-21 23:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mosmann\Downloads\HiJackThis204.exe
2014-03-21 00:20 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 23:43 - 2011-12-03 08:50 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 17:38 - 2014-03-09 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-20 16:12 - 2014-02-16 08:26 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-20 16:12 - 2014-02-16 08:26 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-20 15:54 - 2014-03-20 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 19:14 - 2009-07-14 05:45 - 00428632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 19:12 - 2012-05-16 16:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 18:54 - 2010-04-26 10:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 19:07 - 2014-03-13 19:07 - 00302984 _____ () C:\Windows\Minidump\031314-69108-01.dmp
2014-03-11 21:05 - 2012-08-20 21:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2012-08-20 21:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:05 - 2011-11-12 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 07:39 - 2014-03-06 21:25 - 00007593 _____ () C:\Users\Mosmann\AppData\Local\Resmon.ResmonCfg
2014-03-09 16:32 - 2014-03-09 16:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 12:47 - 2014-03-09 12:47 - 00084338 _____ () C:\Users\Mosmann\Downloads\amw1421.bin
2014-03-08 18:24 - 2014-03-08 18:24 - 00000000 ____D () C:\Windows\pss
2014-03-08 18:24 - 2011-10-11 08:55 - 00000000 ___RD () C:\Users\Mosmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-08 18:20 - 2013-09-23 18:14 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\Dropbox
2014-03-08 18:19 - 2013-09-23 18:16 - 00000000 ___RD () C:\Users\Mosmann\Dropbox
2014-03-08 18:19 - 2012-06-11 20:21 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\BOM
2014-03-08 18:16 - 2014-03-08 18:16 - 00302928 _____ () C:\Windows\Minidump\030814-65395-01.dmp
2014-03-08 12:09 - 2014-03-08 12:09 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-08 12:09 - 2014-03-08 12:09 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-08 12:09 - 2014-03-08 12:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-08 11:17 - 2014-02-21 17:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-08 11:15 - 2014-02-21 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-07 18:06 - 2012-01-22 18:15 - 00000659 _____ () C:\Windows\wiso.ini
2014-03-05 20:35 - 2014-03-05 19:52 - 00000889 _____ () C:\Users\Mosmann\Desktop\Auswertung_Lipos.csv
2014-03-05 09:26 - 2014-03-24 20:59 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-24 20:59 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-24 20:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 03:55 - 2012-02-08 10:37 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\Skype
2014-03-04 20:41 - 2012-01-23 19:24 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-03-04 19:03 - 2014-03-04 19:03 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-03-04 19:03 - 2014-03-04 19:02 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-04 19:03 - 2010-04-26 09:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\Desktop\Wireless LAN_Atheros_9.0.0.173_Win7x64_Aspire 5553G
2014-03-04 19:02 - 2014-03-04 19:02 - 00000000 ____D () C:\Users\Mosmann\AppData\Roaming\InstallShield
2014-03-01 09:52 - 2011-10-11 18:30 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 09:52 - 2011-10-11 18:30 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 09:52 - 2009-07-14 06:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 20:11 - 2013-10-03 18:36 - 00000000 ____D () C:\Users\Mosmann\Documents\Bewerbungsunterlagen
2014-02-28 07:47 - 2014-02-28 07:23 - 00000000 ____D () C:\f7b9042a4e8bd6a7d53c1e4e2073b266
2014-02-28 07:27 - 2013-06-04 17:53 - 01603788 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 22:00 - 2014-02-27 06:54 - 00000000 ____D () C:\97c4388b07878cb82301031cef59e275

Some content of TEMP:
====================
C:\Users\Mosmann\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 16:24

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

schrauber · 30.03.2014, 07:42

Java und Adobe updaten.

Wann ist er denn langsam? Nur beim Start, oder allgemein?

Seppelscrabl · 30.03.2014, 15:13

Hallo,
die Programme habe ich aktualisiert und auch ein Problem mit meiner Festplatte gelöst, welches mir von Windows gemeldet wurde.

Der Rechner ist gefühlt immer am Anschlag seiner Leistung. Die Programme benötigen ewig bis sie laufen.

Hast du vielleicht noch einen Tipp für mich?

schrauber · 31.03.2014, 11:33

How to perform a clean boot in Windows

Mach bitte mal nen Clean Boot und teste nochmal.

Seppelscrabl · 05.04.2014, 12:07

Es geht wieder alles....

War wohl doch eine beschädigte Datei auf der Festplatte.

Nochmal vielen vielen Dank für den Support

schrauber · 06.04.2014, 12:05

Clean Boot hat nix mit beschädigte Datei zu tun. DU hast nun alles an Diensten beim Start deaktiviert. Jetzt einzeln einen wieder aktivieren, testen, REchner immer noch schnell, nächsten aktivieren, reboot, testen.

Solange bis Du weißt welcher Dienst da bremst.

30.03.2014, 07:42	#11
schrauber /// the machine /// TB-Ausbilder	Win 7, 64 Bit,Firefox/Outlook/Sonstige Programme hängen sich dauernd auf,Phys. Speichernutzung >35% Java und Adobe updaten. Wann ist er denn langsam? Nur beim Start, oder allgemein? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

31.03.2014, 11:33	#13
schrauber /// the machine /// TB-Ausbilder	Win 7, 64 Bit,Firefox/Outlook/Sonstige Programme hängen sich dauernd auf,Phys. Speichernutzung >35% How to perform a clean boot in Windows Mach bitte mal nen Clean Boot und teste nochmal. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Win 7, 64 Bit,Firefox/Outlook/Sonstige Programme hängen sich dauernd auf,Phys. Speichernutzung >35%

Log-Analyse und Auswertung: Win 7, 64 Bit,Firefox/Outlook/Sonstige Programme hängen sich dauernd auf,Phys. Speichernutzung >35%