Log analysis and evaluation: Suspected keylogger
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
26.05.2014, 19:19 | #1 |
| Suspected keylogger Hello everyone, I suspect that a keylogger has settled in on my system. In the last two days, two of my accounts with different and fairly secure passwords were cracked. I logged in there from my phone and my laptop. I have already created log files from Malwarebytes and Spybot; they are attached. If logs from other programs are needed, please let me know. I hope you can help me with my problem. Many thanks in advance. |
26.05.2014, 19:56 | #2 |
/// the machine /// TB instructor | Suspected keylogger Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
26.05.2014, 20:29 | #3 |
| Suspected keylogger
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.05.2014
Scan Time: 18:51:05
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.26.02
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: *****

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279743
Time Elapsed: 16 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\50b1f5e2-1233-43b5-b9b4-5cbfafb8a6d4, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.InstalleRex.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Custom.dll, Quarantined, [08f253022d4e73c378c869da8c747a86],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Setup.exe, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709],
PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RXI8S7V.exe, Quarantined, [9b5fc09546350630a8a8e19635cc7789],
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [23d7bb9a1d5e5fd7539caae3986a8f71],
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [8f6bc590d8a34ceac629c8c5ee1439c7],

Physical Sectors: 0
(No malicious items detected)

(end)

Here are two more logs, from AdwCleaner and from the ESET Online Scanner.
Code:
# AdwCleaner v3.211 - Bericht erstellt am 26/05/2014 um 21:21:30
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : ***** - *****-LAPTOP
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\*****\AppData\Local\Temp\OCS

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************
AdwCleaner[R0].txt - [3226 octets] - [11/05/2014 12:20:59]
AdwCleaner[R1].txt - [1249 octets] - [26/05/2014 20:26:32]
AdwCleaner[S0].txt - [3201 octets] - [11/05/2014 12:22:58]
AdwCleaner[S1].txt - [1124 octets] - [26/05/2014 21:21:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1184 octets] ##########

Code:
C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RYR8Q22.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/InstalleRex.M potentially unwanted application deleted - quarantined |
27.05.2014, 18:13 | #4 |
/// the machine /// TB instructor | Suspected keylogger Hi, please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
27.05.2014, 21:36 | #5 |
| Suspected keylogger FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02 Ran by ***** (administrator) on *****-LAPTOP on 27-05-2014 22:31:58 Running from C:\Users\*****\Downloads Platform: Windows 8.1 Pro (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.) 
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-09-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\MountPoints2: {4f7fe34f-c99f-11e3-8252-002618f7a88e} - "F:\SETUP.EXE" ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - 
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\Programme\Office 2010\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - D:\Programme\Photoshop CS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - 
C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Programme\Photoshop CS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Firebug - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\Extensions\firebug@software.joehewitt.com.xpi [2014-04-23] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-22] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22] CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-04-22] CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-22] CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-22] CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2014-04-22] CHR Extension: (TweetDeck by Twitter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-04-22] CHR Extension: (Zoho Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemfhbmnkbapnnmiadkbiaokccjnhge [2014-04-22] CHR Extension: (Google Maps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-04-22] CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22] CHR Extension: (Marmoset) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npkfpddkpefnmkflhhligbkofhnafieb [2014-04-25] CHR Extension: (CCTV View) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajmcmcpiboagipoflploplebgicaadj [2014-04-28] CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22] ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-01] (AVAST Software) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Office 2010\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-01] () R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.) 
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-22] (Disc Soft Ltd) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2014-03-18] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] () R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-27 22:31 - 2014-05-27 22:32 - 00014555 _____ () C:\Users\*****\Downloads\FRST.txt 2014-05-27 22:31 - 2014-05-27 22:31 - 02066944 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2014-05-27 22:31 - 2014-05-27 22:31 - 00000000 ____D () C:\FRST 
2014-05-27 22:20 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-05-27 22:20 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-05-27 22:20 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2014-05-27 22:20 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-27 22:20 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-27 22:20 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-05-27 22:20 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-05-27 22:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll 2014-05-27 22:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2014-05-27 22:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2014-05-27 22:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll 2014-05-27 22:19 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-05-27 22:19 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2014-05-27 22:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2014-05-27 22:19 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2014-05-27 22:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2014-05-27 22:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2014-05-27 22:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) 
C:\Windows\system32\rdpencom.dll 2014-05-27 22:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2014-05-27 22:19 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll 2014-05-27 22:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-05-27 22:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2014-05-27 22:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2014-05-27 22:19 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-27 22:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2014-05-27 22:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-05-27 22:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-05-27 22:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-05-27 22:19 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2014-05-27 22:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll 2014-05-27 22:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2014-05-27 22:19 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft 
Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-05-27 22:19 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-05-27 22:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-05-27 22:19 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2014-05-27 22:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\AudioSes.dll 2014-05-27 22:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-05-27 22:19 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-05-27 22:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-05-27 22:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-05-27 22:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2014-05-27 22:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-05-27 22:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-05-27 22:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2014-05-27 22:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2014-05-27 22:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-05-27 22:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2014-05-27 22:19 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2014-05-27 22:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2014-05-27 22:19 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2014-05-27 22:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2014-05-27 22:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2014-05-27 22:19 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2014-05-27 22:19 - 2014-04-03 10:12 - 
00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-05-27 22:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2014-05-27 22:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-05-27 22:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2014-05-27 22:19 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2014-05-27 22:19 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-05-27 22:19 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-05-27 22:19 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2014-05-27 22:19 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-05-27 22:19 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-05-27 22:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll 2014-05-27 22:19 - 2014-04-03 04:22 - 03359744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-05-27 22:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll 2014-05-27 22:19 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2014-05-27 22:19 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-27 22:19 - 2014-03-31 07:35 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-05-27 22:19 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-05-27 22:19 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll 2014-05-27 22:19 - 
2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-05-27 22:19 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-05-27 22:19 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-05-27 22:19 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-05-27 22:19 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-05-27 22:19 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-05-27 22:19 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-05-27 22:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-05-27 22:19 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-27 22:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-05-27 22:19 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-05-27 22:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-05-27 22:19 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-05-27 22:19 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-05-27 22:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-05-27 22:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-05-27 22:19 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-27 22:19 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-05-27 22:19 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-05-27 22:19 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-05-27 22:19 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-27 22:19 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-05-27 22:19 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-27 22:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-05-27 22:19 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-05-27 22:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-27 22:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-05-27 22:19 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-27 22:19 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-27 22:19 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-05-27 22:19 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-05-27 22:19 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-27 22:19 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-27 22:19 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-05-27 22:19 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-27 22:19 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-05-27 22:19 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-05-27 22:19 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-05-27 22:19 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-05-27 22:19 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-27 22:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-27 22:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-27 22:19 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-05-27 22:19 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-27 22:19 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-05-27 22:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-05-27 22:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-05-27 22:19 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-27 22:19 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-27 19:29 - 2014-05-27 19:29 - 00002087 _____ () C:\Users\*****\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-05-27 19:29 - 2014-05-27 19:29 - 00002031 _____ () C:\Users\*****\Desktop\Avira PC Cleaner.lnk
2014-05-27 19:28 - 2014-05-27 19:28 - 02278856 _____ () C:\Users\*****\Downloads\avira_pc_cleaner_de.exe
2014-05-26 23:44 - 2014-05-26 23:44 - 00000000 ____D () C:\Users\*****\Documents\ProcAlyzer Dumps
2014-05-26 21:25 - 2014-05-26 21:25 - 00001258 _____ () C:\Users\*****\Desktop\adw.txt
2014-05-26 21:20 - 2014-05-26 23:47 - 00000463 _____ () C:\Users\*****\Desktop\eset.txt
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-26 20:39 - 2014-05-26 20:39 - 02347384 _____ (ESET) C:\Users\*****\Downloads\esetsmartinstaller_enu.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 01327971 _____ () C:\Users\*****\Downloads\adwcleaner_3.211.exe
2014-05-26 20:19 - 2014-05-26 20:19 - 00144372 _____ () C:\Users\*****\Desktop\logs.zip
2014-05-26 19:47 - 2014-05-26 20:23 - 01104758 _____ () C:\Users\*****\Desktop\spybot.txt
2014-05-26 19:10 - 2014-05-26 20:58 - 00002012 _____ () C:\Users\*****\Desktop\mbam.txt
2014-05-26 19:00 - 2014-05-26 19:00 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-26 18:59 - 2014-05-26 19:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-26 18:59 - 2014-05-26 19:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-26 18:59 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-26 18:52 - 2014-05-26 18:53 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\*****\Downloads\spybot-2.3.exe
2014-05-26 18:50 - 2014-05-26 18:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-26 18:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 18:50 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-26 18:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-26 18:49 - 2014-05-26 18:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 19:37 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\*****\Desktop\Kleinanzeigen
2014-05-24 10:42 - 2014-05-24 10:42 - 00005508 _____ () C:\Users\*****\Downloads\51j8jzz83p2598i.dlc
2014-05-19 20:27 - 2014-05-19 20:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 20:10 - 2014-05-19 20:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-18 16:17 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\*****\Downloads\5589-b
2014-05-18 15:41 - 2014-05-18 16:18 - 00000000 ____D () C:\Users\*****\Downloads\desmume-0.9.10-win64
2014-05-16 21:24 - 2014-05-01 22:30 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 21:24 - 2014-05-01 22:30 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 16:29 - 2014-05-15 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 16:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-15 16:01 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-15 16:01 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-15 16:01 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-15 16:01 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-15 16:01 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-15 16:00 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 16:00 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 16:00 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 16:00 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 16:00 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-15 16:00 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-15 16:00 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-15 16:00 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-15 16:00 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-15 16:00 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-15 16:00 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-15 16:00 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-15 16:00 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 16:00 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-15 16:00 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 16:00 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-15 16:00 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-15 16:00 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-15 16:00 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-15 16:00 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-15 16:00 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-15 16:00 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-15 16:00 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-15 16:00 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-15 16:00 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-15 16:00 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-15 16:00 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-15 16:00 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-15 16:00 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-15 16:00 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-15 16:00 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-15 16:00 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-11 23:04 - 2014-05-11 23:26 - 00005565 _____ () C:\Users\*****\Downloads\SecureDownloadManager.log
2014-05-11 23:00 - 2014-05-11 23:00 - 00003179 _____ () C:\Users\*****\Desktop\Secure Download Manager.lnk
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\e-academy Inc
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Local\e-academy Inc
2014-05-11 22:59 - 2014-05-11 22:59 - 00720896 _____ () C:\Users\*****\Downloads\SDM_DE.msi
2014-05-11 22:59 - 2014-05-11 22:59 - 00000183 _____ () C:\Users\*****\Downloads\100097007456.sdx
2014-05-11 12:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-11 12:20 - 2014-05-26 21:21 - 00000000 ____D () C:\AdwCleaner
2014-05-10 11:34 - 2014-05-10 11:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 23:22 - 2014-05-07 23:21 - 00043648 _____ () C:\Users\*****\Downloads\DroidSerif.ttf
2014-05-07 23:21 - 2014-05-07 23:21 - 00119546 _____ () C:\Users\*****\Downloads\droid-serif.zip
2014-05-06 15:10 - 2014-05-06 15:18 - 00000000 ____D () C:\Users\*****\Documents\Scan
2014-05-06 15:01 - 2014-05-06 15:01 - 00001965 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Program Files (x86)\MySQL
2014-05-03 00:51 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 00:51 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 20:06 - 2014-05-15 15:55 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-01 20:06 - 2014-05-01 20:06 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-01 19:58 - 2014-05-01 19:58 - 00000000 ____D () C:\Users\*****\Downloads\Abschlussprüfung
2014-05-01 19:32 - 2013-09-12 05:22 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMBLGE.DLL
2014-05-01 19:31 - 2014-05-27 22:31 - 00000947 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-01 19:31 - 2014-05-27 22:31 - 00000761 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-01 19:31 - 2014-05-01 19:31 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:31 - 2014-05-01 19:31 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ____D () C:\Program Files\EpsonNet
2014-05-01 19:03 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2014-05-01 19:03 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2014-05-01 19:03 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2014-05-01 19:03 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2014-05-01 19:03 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2014-05-01 19:03 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-05-01 19:01 - 2014-05-01 19:01 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\Program Files (x86)\epson
2014-05-01 19:01 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2014-05-01 19:01 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2014-05-01 18:29 - 2014-05-01 18:29 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-01 17:31 - 2014-05-01 18:53 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-01 17:31 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ID4BLGE.DLL
2014-05-01 17:31 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DropboxMaster
2014-05-01 09:48 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-05-01 01:46 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-05-01 01:44 - 2014-05-01 01:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 01:44 - 2014-05-01 01:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-30 22:44 - 2014-04-30 22:44 - 00000000 ____D () C:\Users\*****\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-04-28 23:16 - 2014-04-28 23:16 - 00001456 _____ () C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-28 22:08 - 2014-05-04 23:39 - 00000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-04-28 21:56 - 2014-05-02 19:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Local\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-28 14:43 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\MiniApp
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\*****\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-28 14:41 - 2014-04-28 20:18 - 00000000 ____D () C:\ProgramData\2f16da238c7b237
2014-04-28 14:41 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-28 14:41 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-28 14:41 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator
2014-04-28 14:29 - 2014-05-09 12:57 - 00193536 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-04-28 14:28 - 2014-04-28 20:18 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Ashampoo
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Local\ashampoo
2014-04-27 23:53 - 2014-04-27 23:53 - 00001562 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-04-27 23:35 - 2014-04-27 23:35 - 00003514 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de
2014-04-27 23:28 - 2014-04-27 23:35 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-27 23:27 - 2014-04-27 23:27 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-04-27 23:25 - 2014-04-27 23:25 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-04-27 23:23 - 2014-05-01 20:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 23:23 - 2014-04-27 23:23 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-04-27 23:23 - 2014-04-27 23:23 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-04-27 23:20 - 2014-04-27 23:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-27 23:09 - 2014-05-01 20:11 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-27 21:25 - 2014-04-27 21:25 - 00002168 _____ () C:\Users\*****\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

2014-05-27 22:32 - 2014-05-27 22:31 - 00014555 _____ () C:\Users\*****\Downloads\FRST.txt
2014-05-27 22:31 - 2014-05-27 22:31 - 02066944 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-05-27 22:31 - 2014-05-27 22:31 - 00000000 ____D () C:\FRST
2014-05-27 22:31 - 2014-05-01 19:31 - 00000947 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-27 22:31 - 2014-05-01 19:31 - 00000761 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-27 22:31 - 2014-04-21 21:54 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3756904942-2459461274-3818286609-1001
2014-05-27 22:31 - 2014-03-18 12:04 - 01686150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 22:31 - 2014-03-18 11:25 - 00727930 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 22:31 - 2014-03-18 11:25 - 00151586 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 22:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 22:27 - 2014-04-22 00:11 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 22:26 - 2014-04-21 21:51 - 00000000 __RDO () C:\Users\*****\OneDrive
2014-05-27 22:25 - 2014-04-22 00:10 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 22:25 - 2014-04-21 21:48 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 22:25 - 2014-04-21 21:48 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 22:24 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 22:24 - 2013-08-22 16:44 - 05107520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-27 22:23 - 2014-03-18 03:51 - 00095332 _____ () C:\Windows\PFRO.log
2014-05-27 22:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-27 22:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-27 22:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-27 22:22 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-27 22:21 - 2014-04-21 21:44 - 01511927 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 22:20 - 2014-04-22 00:10 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 22:19 - 2014-04-21 21:59 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0A9E995-E1B7-4820-8B39-301FE747062C}
2014-05-27 22:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-27 20:54 - 2014-04-25 00:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 19:29 - 2014-05-27 19:29 - 00002087 _____ () C:\Users\*****\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-05-27 19:29 - 2014-05-27 19:29 - 00002031 _____ () C:\Users\*****\Desktop\Avira PC Cleaner.lnk
2014-05-27 19:28 - 2014-05-27 19:28 - 02278856 _____ () C:\Users\*****\Downloads\avira_pc_cleaner_de.exe
2014-05-27 19:08 - 2014-04-25 00:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-05-26 23:47 - 2014-05-26 21:20 - 00000463 _____ () C:\Users\*****\Desktop\eset.txt
2014-05-26 23:44 - 2014-05-26 23:44 - 00000000 ____D () C:\Users\*****\Documents\ProcAlyzer Dumps
2014-05-26 21:25 - 2014-05-26 21:25 - 00001258 _____ () C:\Users\*****\Desktop\adw.txt
2014-05-26 21:21 - 2014-05-11 12:20 - 00000000 ____D () C:\AdwCleaner
2014-05-26 20:58 - 2014-05-26 19:10 - 00002012 _____ () C:\Users\*****\Desktop\mbam.txt
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-26 20:39 - 2014-05-26 20:39 - 02347384 _____ (ESET) C:\Users\*****\Downloads\esetsmartinstaller_enu.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 01327971 _____ () C:\Users\*****\Downloads\adwcleaner_3.211.exe
2014-05-26 20:23 - 2014-05-26 19:47 - 01104758 _____ () C:\Users\*****\Desktop\spybot.txt
2014-05-26 20:19 - 2014-05-26 20:19 - 00144372 _____ () C:\Users\*****\Desktop\logs.zip
2014-05-26 20:19 - 2014-04-25 00:11 - 00123904 ___SH () C:\Users\*****\Desktop\Thumbs.db
2014-05-26 19:47 - 2014-05-26 18:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-26 19:01 - 2014-05-26 18:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-26 19:00 - 2014-05-26 19:00 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-26 18:53 - 2014-05-26 18:52 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\*****\Downloads\spybot-2.3.exe
2014-05-26 18:50 - 2014-05-26 18:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-26 18:49 - 2014-05-26 18:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 20:12 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\*****\Desktop\Kleinanzeigen
2014-05-25 19:42 - 2013-08-22 16:46 - 00022899 _____ () C:\Windows\setupact.log
2014-05-24 10:42 - 2014-05-24 10:42 - 00005508 _____ () C:\Users\*****\Downloads\51j8jzz83p2598i.dlc
2014-05-24 10:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-20 16:37 - 2014-04-21 21:47 - 00000000 ____D () C:\Users\*****
2014-05-19 20:27 - 2014-05-19 20:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 20:10 - 2014-05-19 20:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-18 16:18 - 2014-05-18 15:41 - 00000000 ____D () C:\Users\*****\Downloads\desmume-0.9.10-win64
2014-05-18 16:17 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\*****\Downloads\5589-b
2014-05-18 10:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 16:30 - 2014-04-22 23:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 16:29 - 2014-05-15 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 16:28 - 2014-04-23 21:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 16:26 - 2014-04-23 21:36 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 16:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-15 15:55 - 2014-05-01 20:06 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 15:55 - 2014-04-22 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 15:55 - 2014-04-22 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 15:55 - 2014-04-22 00:16 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-13 19:55 - 2014-04-25 00:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 07:26 - 2014-05-26 18:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-26 18:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-26 18:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 23:26 - 2014-05-11 23:04 - 00005565 _____ () C:\Users\*****\Downloads\SecureDownloadManager.log
2014-05-11 23:00 - 2014-05-11 23:00 - 00003179 _____ () C:\Users\*****\Desktop\Secure Download Manager.lnk
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\e-academy Inc
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Local\e-academy Inc
2014-05-11 22:59 - 2014-05-11 22:59 - 00720896 _____ () C:\Users\*****\Downloads\SDM_DE.msi
2014-05-11 22:59 - 2014-05-11 22:59 - 00000183 _____ () C:\Users\*****\Downloads\100097007456.sdx
2014-05-11 12:24 - 2014-04-23 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 11:34 - 2014-05-10 11:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:57 - 2014-04-28 14:29 - 00193536 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-05-08 16:15 - 2014-04-22 00:10 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 16:15 - 2014-04-22 00:10 - 00003874 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 23:21 - 2014-05-07 23:22 - 00043648 _____ () C:\Users\*****\Downloads\DroidSerif.ttf
2014-05-07 23:21 - 2014-05-07 23:21 - 00119546 _____ () C:\Users\*****\Downloads\droid-serif.zip
2014-05-06 15:18 - 2014-05-06 15:10 - 00000000 ____D () C:\Users\*****\Documents\Scan
2014-05-06 15:01 - 2014-05-06 15:01 - 00001965 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-05-06 06:40 - 2014-05-15 16:00 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-15 16:00 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-15 16:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 16:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 23:39 - 2014-04-28 22:08 - 00000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Program Files (x86)\MySQL
2014-05-02 19:36 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-05-01 22:30 - 2014-05-16 21:24 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2014-05-16 21:24 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-01 20:11 - 2014-04-27 23:09 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-01 20:09 - 2014-04-21 21:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-05-01 20:06 - 2014-05-01 20:06 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-01 20:06 - 2014-04-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-01 19:58 - 2014-05-01 19:58 - 00000000 ____D () C:\Users\*****\Downloads\Abschlussprüfung
2014-05-01 19:31 - 2014-05-01 19:31 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:31 - 2014-05-01 19:31 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ____D () C:\Program Files\EpsonNet
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-05-01 19:01 - 2014-05-01 19:01 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\Program Files (x86)\epson
2014-05-01 18:53 - 2014-05-01 17:31 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-01 18:29 - 2014-05-01 18:29 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DropboxMaster
2014-05-01 09:49 - 2014-05-01 09:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-05-01 01:45 - 2014-04-22 00:17 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-01 01:44 - 2014-05-01 01:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 01:44 - 2014-05-01 01:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-01 01:44 - 2014-04-22 00:17 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-01 01:44 - 2014-04-22 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400162132078
2014-05-01 01:44 - 2014-04-22 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400162132078
2014-05-01 01:44 - 2014-04-22 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-01 01:44 - 2014-04-22 00:16 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-30 22:44 - 2014-04-30 22:44 - 00000000 ____D () C:\Users\*****\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-04-28 23:16 - 2014-04-28 23:16 - 00001456 _____ () C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-28 21:56 - 2014-04-28 21:56 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Local\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-28 20:18 - 2014-04-28 14:41 - 00000000 ____D () C:\ProgramData\2f16da238c7b237
2014-04-28 20:18 - 2014-04-28 14:28 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-04-28 14:43 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\MiniApp
2014-04-28 14:43 - 2014-04-28 14:41 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () 
C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\*****\AppData\Local\Comodo 2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-04-28 14:42 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-04-28 14:42 - 2014-04-22 00:10 - 00000000 ____D () C:\Users\*****\AppData\Local\Google 2014-04-28 14:41 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator 2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Ashampoo 2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Local\ashampoo 2014-04-27 23:57 - 2014-04-27 23:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-04-27 23:53 - 2014-04-27 23:53 - 00001562 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2014-04-27 23:37 - 2014-04-23 00:14 - 00000000 ____D () C:\Users\*****\.gimp-2.8 2014-04-27 23:35 - 2014-04-27 23:35 - 00003514 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de 2014-04-27 23:35 - 2014-04-27 23:28 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-04-27 23:27 - 2014-04-27 23:27 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2014-04-27 23:26 - 2014-04-27 23:26 - 00000913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2014-04-27 23:26 - 2014-04-27 23:26 - 00000888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk 
2014-04-27 23:25 - 2014-04-27 23:25 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk 2014-04-27 23:23 - 2014-04-27 23:23 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2014-04-27 23:23 - 2014-04-27 23:23 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2014-04-27 23:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-27 21:25 - 2014-04-27 21:25 - 00002168 _____ () C:\Users\*****\AppData\Local\recently-used.xbel 2014-04-27 21:25 - 2014-04-24 22:40 - 00000000 ____D () C:\Users\*****\AppData\Local\gtk-2.0 Some content of TEMP: ==================== C:\Users\*****\AppData\Local\Temp\ose00000.exe C:\Users\*****\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe [2014-05-27 22:19] - [2014-03-28 17:58] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972 C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2014-05-27 22:19] - [2014-03-06 14:42] - 0310616 ____A (Microsoft Corporation) 4BB9BC49DEE1A319EC58274A7BBED663 LastRegBack: 2014-05-22 19:26 ==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by ***** at 2014-05-27 22:33:15
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F2CE207D-C146-4BFD-A1C2-219483C58819}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - 
Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MySQL Workbench 6.1 CE (HKLM-x32\...\{625991FA-1A48-4AD8-95D5-84A0C9896C9A}) (Version: 6.1.4 - Oracle Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition 
(HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) 
(Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 
64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami) ==================== Restore Points ========================= 15-05-2014 14:22:55 Windows Update 24-05-2014 08:23:32 Geplanter Prüfpunkt 27-05-2014 20:20:17 Windows Update ==================== Hosts content: ========================== 2013-08-22 15:25 - 2014-04-27 23:37 - 00000892 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0BC32B2D-93F4-45F4-B338-9BC59A6EB744} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {1D15A186-7404-42BD-A51C-64E6574BA589} - System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-09-12] (SEIKO EPSON CORPORATION) Task: {1E08DBCE-8002-4FA9-8510-26ED4838A437} - System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-09-12] (SEIKO EPSON CORPORATION) Task: {1F2D7BAE-62D4-4467-A97F-CD9E86C0B564} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: 
{2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2088FAB2-AAF7-45E6-ABED-FC42BAD887C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22] (Google Inc.) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {47FE00D6-2FB4-40F5-AB09-945BAE57E5FD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5A99D2AB-43BC-4649-8C2F-76CAB6CD115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - 
System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8C981FEB-C567-4353-92BF-EB16F9496412} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {97968DA7-809B-44BB-B64B-78BF1DC0F388} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A9B946C6-71F6-4504-A414-449D3B0347DF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {AB3210B5-1B03-458F-83DD-27F72AC5C1E4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-01] (AVAST Software) Task: {B6E35E30-525C-493F-BB96-7D083EDF5EA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22] (Google Inc.) 
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DCDA5F4B-97DF-4420-B875-D573F59A1C3F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {DCE3D606-9E17-4E65-B72D-0EF3F4603DE5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation) Task: {DDE82480-4AC2-4F39-B208-0E4A4FEE5628} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-05-15] (Microsoft Corporation) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EF8C2FA6-0E8C-4B62-ADF9-51091F4577A7} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-05-27 20:13 - 2014-05-27 20:13 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052700\algo.dll 2014-05-27 22:25 - 2014-05-27 22:25 - 02256384 _____ () C:\Program Files\AVAST Software\Avast\defs\14052701\algo.dll 2014-05-26 18:59 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-05-26 18:59 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-05-26 18:59 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-05-26 18:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-05-26 18:59 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-04-22 00:16 - 2014-04-22 00:16 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-05-10 11:34 - 2014-05-10 11:34 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\*****\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/27/2014 08:12:55 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:40:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/25/2014 07:38:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17039 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1130 Startzeit: 01cf78295da15fc6 Endzeit: 0 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 549fc1d9-e433-11e3-825f-002618f7a88e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:37:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 6d8 Startzeit: 01cf783fe8615d11 Endzeit: 3352 Anwendungspfad: C:\Windows\system32\DllHost.exe Berichts-ID: 2a1529a6-e433-11e3-825f-002618f7a88e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: af4 Startzeit: 01cf783fcd2b48b9 Endzeit: 3366 Anwendungspfad: C:\Windows\system32\DllHost.exe Berichts-ID: 1d3efc37-e433-11e3-825f-002618f7a88e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9fc Startzeit: 01cf783fb77e2de2 Endzeit: 3384 Anwendungspfad: C:\Windows\system32\DllHost.exe Berichts-ID: 05cf3823-e433-11e3-825f-002618f7a88e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/15/2014 03:54:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: *****-LAPTOP)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

System errors:
=============
Error: (05/20/2014 04:20:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.05.2014 um 22:15:26 unerwartet heruntergefahren.

Error: (05/13/2014 07:18:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.05.2014 um 19:12:46 unerwartet heruntergefahren.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:08:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:08:38 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:08:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:08:37 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Microsoft Office Sessions:
=========================
Error: (05/27/2014 08:12:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:40:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/25/2014 07:38:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17039113001cf78295da15fc60C:\Windows\Explorer.EXE549fc1d9-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:37:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.163846d801cf783fe8615d113352C:\Windows\system32\DllHost.exe2a1529a6-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.16384af401cf783fcd2b48b93366C:\Windows\system32\DllHost.exe1d3efc37-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.163849fc01cf783fb77e2de23384C:\Windows\system32\DllHost.exe05cf3823-e433-11e3-825f-002618f7a88e

Error: (05/15/2014 03:54:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: *****-LAPTOP)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
Date: 2014-05-01 15:58:23.087
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:22.712
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:22.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:22.212
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:22.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:21.837
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:21.665
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:21.447
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:21.243
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-05-01 15:58:18.493
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 4095.27 MB
Available physical RAM: 2818.91 MB
Total Pagefile: 4799.27 MB
Available Pagefile: 3452.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:87.55 GB) (Free:59.88 GB) NTFS
Drive d: () (Fixed) (Total:210.2 GB) (Free:195.87 GB) NTFS
Drive f: (OFFICE14) (CDROM) (Total:1.83 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 97646C29)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=88 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
28.05.2014, 19:23 | #6 | |
/// the machine /// TB-Ausbilder | Suspected keylogger
Quote: