Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Verdacht auf Keylogger

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 26.05.2014, 19:19   #1
Xethon
 
Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



Hallo zusammen,

ich habe den Verdacht, dass sich ein Keylogger auf meinem System eingenistet hat.Es wurden in den letzten zwei Tagen zwei Accounts mit unterschiedlichen und recht sicheren Passwörtern von mir geknackt. Ich habe mich dort von meinem Handy und meinem Laptop eingeloggt.
Logfiles von Malwarebytes und Spybot habe ich bereits erstellt und sind im Anhang.

Falls noch Logs von anderen Programmen benötigt werden, bitte Bescheid geben.

Ich hoffe ihr könnt mir bei meinem Problem helfen. Vielen Dank im Vorraus.

Alt 26.05.2014, 19:56   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.05.2014, 20:29   #3
Xethon
 
Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 26.05.2014
Scan Time: 18:51:05
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.26.02
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: *****

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279743
Time Elapsed: 16 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\50b1f5e2-1233-43b5-b9b4-5cbfafb8a6d4, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.InstalleRex.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Custom.dll, Quarantined, [08f253022d4e73c378c869da8c747a86], 
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Setup.exe, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709], 
PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RXI8S7V.exe, Quarantined, [9b5fc09546350630a8a8e19635cc7789], 
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [23d7bb9a1d5e5fd7539caae3986a8f71], 
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [8f6bc590d8a34ceac629c8c5ee1439c7], 

Physical Sectors: 0
(No malicious items detected)


(end)
         
Der Spybot-Log ist mehr als 1 .Mio Zeichen lang...

Hier nochmal zwei Logs von AdwCleaner und vom Eset Online Scanner

Code:
ATTFilter
# AdwCleaner v3.211 - Bericht erstellt am 26/05/2014 um 21:21:30
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : ***** - *****-LAPTOP
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\*****\AppData\Local\Temp\OCS

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3226 octets] - [11/05/2014 12:20:59]
AdwCleaner[R1].txt - [1249 octets] - [26/05/2014 20:26:32]
AdwCleaner[S0].txt - [3201 octets] - [11/05/2014 12:22:58]
AdwCleaner[S1].txt - [1124 octets] - [26/05/2014 21:21:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1184 octets] ##########
         
Code:
ATTFilter
C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RYR8Q22.exe	Win32/OpenCandy potentially unsafe application	deleted - quarantined
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000	Win32/InstalleRex.M potentially unwanted application	deleted - quarantined
         
__________________

Alt 27.05.2014, 18:13   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.05.2014, 21:36   #5
Xethon
 
Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by ***** (administrator) on *****-LAPTOP on 27-05-2014 22:31:58
Running from C:\Users\*****\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3756904942-2459461274-3818286609-1001\...\MountPoints2: {4f7fe34f-c99f-11e3-8252-002618f7a88e} - "F:\SETUP.EXE" 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\Programme\Office 2010\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - D:\Programme\Photoshop CS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Programme\Photoshop CS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\Extensions\firebug@software.joehewitt.com.xpi [2014-04-23]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-22]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-22]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-04-22]
CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-22]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-22]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2014-04-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-04-22]
CHR Extension: (Zoho Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemfhbmnkbapnnmiadkbiaokccjnhge [2014-04-22]
CHR Extension: (Google Maps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR Extension: (Marmoset) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\npkfpddkpefnmkflhhligbkofhnafieb [2014-04-25]
CHR Extension: (CCTV View) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajmcmcpiboagipoflploplebgicaadj [2014-04-28]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-22]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-01] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Office 2010\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-01] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-22] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2014-03-18] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-27 22:31 - 2014-05-27 22:32 - 00014555 _____ () C:\Users\*****\Downloads\FRST.txt
2014-05-27 22:31 - 2014-05-27 22:31 - 02066944 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-05-27 22:31 - 2014-05-27 22:31 - 00000000 ____D () C:\FRST
2014-05-27 22:20 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-27 22:20 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-27 22:20 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-05-27 22:20 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-27 22:20 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-27 22:20 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-05-27 22:20 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-27 22:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-05-27 22:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-05-27 22:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-05-27 22:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-05-27 22:19 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-27 22:19 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-05-27 22:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-05-27 22:19 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-05-27 22:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-05-27 22:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-05-27 22:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-05-27 22:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-05-27 22:19 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-05-27 22:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-27 22:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-05-27 22:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-05-27 22:19 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-27 22:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-05-27 22:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-27 22:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-27 22:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-27 22:19 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-05-27 22:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-05-27 22:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-05-27 22:19 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-05-27 22:19 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-05-27 22:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-05-27 22:19 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-05-27 22:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-05-27 22:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-05-27 22:19 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-27 22:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-05-27 22:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-05-27 22:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-05-27 22:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-05-27 22:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-27 22:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-05-27 22:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-05-27 22:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-05-27 22:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-05-27 22:19 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-05-27 22:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-05-27 22:19 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-05-27 22:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-05-27 22:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-27 22:19 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-05-27 22:19 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-27 22:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-05-27 22:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-27 22:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-05-27 22:19 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-05-27 22:19 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-05-27 22:19 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-27 22:19 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-05-27 22:19 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-27 22:19 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-27 22:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-05-27 22:19 - 2014-04-03 04:22 - 03359744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-05-27 22:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-05-27 22:19 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-05-27 22:19 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-27 22:19 - 2014-03-31 07:35 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-27 22:19 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-27 22:19 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-05-27 22:19 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-05-27 22:19 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-05-27 22:19 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-05-27 22:19 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-05-27 22:19 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-05-27 22:19 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-05-27 22:19 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-05-27 22:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-05-27 22:19 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-27 22:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-05-27 22:19 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-05-27 22:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-05-27 22:19 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-05-27 22:19 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-05-27 22:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-05-27 22:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-05-27 22:19 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-27 22:19 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-05-27 22:19 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-05-27 22:19 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-05-27 22:19 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-27 22:19 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-05-27 22:19 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-27 22:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-05-27 22:19 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-05-27 22:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-27 22:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-05-27 22:19 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-27 22:19 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-27 22:19 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-05-27 22:19 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-05-27 22:19 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-27 22:19 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-27 22:19 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-05-27 22:19 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-27 22:19 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-05-27 22:19 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-05-27 22:19 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-05-27 22:19 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-05-27 22:19 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-27 22:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-27 22:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-27 22:19 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-05-27 22:19 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-27 22:19 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-05-27 22:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-05-27 22:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-05-27 22:19 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-27 22:19 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-27 19:29 - 2014-05-27 19:29 - 00002087 _____ () C:\Users\*****\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-05-27 19:29 - 2014-05-27 19:29 - 00002031 _____ () C:\Users\*****\Desktop\Avira PC Cleaner.lnk
2014-05-27 19:28 - 2014-05-27 19:28 - 02278856 _____ () C:\Users\*****\Downloads\avira_pc_cleaner_de.exe
2014-05-26 23:44 - 2014-05-26 23:44 - 00000000 ____D () C:\Users\*****\Documents\ProcAlyzer Dumps
2014-05-26 21:25 - 2014-05-26 21:25 - 00001258 _____ () C:\Users\*****\Desktop\adw.txt
2014-05-26 21:20 - 2014-05-26 23:47 - 00000463 _____ () C:\Users\*****\Desktop\eset.txt
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-26 20:39 - 2014-05-26 20:39 - 02347384 _____ (ESET) C:\Users\*****\Downloads\esetsmartinstaller_enu.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 01327971 _____ () C:\Users\*****\Downloads\adwcleaner_3.211.exe
2014-05-26 20:19 - 2014-05-26 20:19 - 00144372 _____ () C:\Users\*****\Desktop\logs.zip
2014-05-26 19:47 - 2014-05-26 20:23 - 01104758 _____ () C:\Users\*****\Desktop\spybot.txt
2014-05-26 19:10 - 2014-05-26 20:58 - 00002012 _____ () C:\Users\*****\Desktop\mbam.txt
2014-05-26 19:00 - 2014-05-26 19:00 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-26 18:59 - 2014-05-26 19:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-26 18:59 - 2014-05-26 19:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-26 18:59 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-26 18:52 - 2014-05-26 18:53 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\*****\Downloads\spybot-2.3.exe
2014-05-26 18:50 - 2014-05-26 18:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-26 18:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 18:50 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-26 18:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-26 18:49 - 2014-05-26 18:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 19:37 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\*****\Desktop\Kleinanzeigen
2014-05-24 10:42 - 2014-05-24 10:42 - 00005508 _____ () C:\Users\*****\Downloads\51j8jzz83p2598i.dlc
2014-05-19 20:27 - 2014-05-19 20:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 20:10 - 2014-05-19 20:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-18 16:17 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\*****\Downloads\5589-b
2014-05-18 15:41 - 2014-05-18 16:18 - 00000000 ____D () C:\Users\*****\Downloads\desmume-0.9.10-win64
2014-05-16 21:24 - 2014-05-01 22:30 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 21:24 - 2014-05-01 22:30 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 16:29 - 2014-05-15 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 16:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-15 16:01 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-15 16:01 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-15 16:01 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-15 16:01 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-15 16:01 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-15 16:00 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 16:00 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 16:00 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 16:00 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 16:00 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-15 16:00 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-15 16:00 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-15 16:00 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-15 16:00 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-15 16:00 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-15 16:00 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-15 16:00 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-15 16:00 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 16:00 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-15 16:00 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 16:00 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-15 16:00 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-15 16:00 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-15 16:00 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-15 16:00 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-15 16:00 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-15 16:00 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-15 16:00 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-15 16:00 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-15 16:00 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-15 16:00 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-15 16:00 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-15 16:00 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-15 16:00 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-15 16:00 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-15 16:00 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-15 16:00 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-11 23:04 - 2014-05-11 23:26 - 00005565 _____ () C:\Users\*****\Downloads\SecureDownloadManager.log
2014-05-11 23:00 - 2014-05-11 23:00 - 00003179 _____ () C:\Users\*****\Desktop\Secure Download Manager.lnk
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\e-academy Inc
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Local\e-academy Inc
2014-05-11 22:59 - 2014-05-11 22:59 - 00720896 _____ () C:\Users\*****\Downloads\SDM_DE.msi
2014-05-11 22:59 - 2014-05-11 22:59 - 00000183 _____ () C:\Users\*****\Downloads\100097007456.sdx
2014-05-11 12:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-11 12:20 - 2014-05-26 21:21 - 00000000 ____D () C:\AdwCleaner
2014-05-10 11:34 - 2014-05-10 11:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 23:22 - 2014-05-07 23:21 - 00043648 _____ () C:\Users\*****\Downloads\DroidSerif.ttf
2014-05-07 23:21 - 2014-05-07 23:21 - 00119546 _____ () C:\Users\*****\Downloads\droid-serif.zip
2014-05-06 15:10 - 2014-05-06 15:18 - 00000000 ____D () C:\Users\*****\Documents\Scan
2014-05-06 15:01 - 2014-05-06 15:01 - 00001965 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Program Files (x86)\MySQL
2014-05-03 00:51 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 00:51 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 20:06 - 2014-05-15 15:55 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-01 20:06 - 2014-05-01 20:06 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-01 19:58 - 2014-05-01 19:58 - 00000000 ____D () C:\Users\*****\Downloads\Abschlussprüfung
2014-05-01 19:32 - 2013-09-12 05:22 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMBLGE.DLL
2014-05-01 19:31 - 2014-05-27 22:31 - 00000947 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-01 19:31 - 2014-05-27 22:31 - 00000761 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-01 19:31 - 2014-05-01 19:31 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:31 - 2014-05-01 19:31 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ____D () C:\Program Files\EpsonNet
2014-05-01 19:03 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2014-05-01 19:03 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2014-05-01 19:03 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2014-05-01 19:03 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2014-05-01 19:03 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2014-05-01 19:03 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-05-01 19:01 - 2014-05-01 19:01 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\Program Files (x86)\epson
2014-05-01 19:01 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2014-05-01 19:01 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2014-05-01 18:29 - 2014-05-01 18:29 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-01 17:31 - 2014-05-01 18:53 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-01 17:31 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ID4BLGE.DLL
2014-05-01 17:31 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DropboxMaster
2014-05-01 09:48 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-05-01 01:46 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-05-01 01:44 - 2014-05-01 01:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 01:44 - 2014-05-01 01:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-30 22:44 - 2014-04-30 22:44 - 00000000 ____D () C:\Users\*****\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-04-28 23:16 - 2014-04-28 23:16 - 00001456 _____ () C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-28 22:08 - 2014-05-04 23:39 - 00000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-04-28 21:56 - 2014-05-02 19:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Local\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-28 14:43 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\MiniApp
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\*****\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-28 14:41 - 2014-04-28 20:18 - 00000000 ____D () C:\ProgramData\2f16da238c7b237
2014-04-28 14:41 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-28 14:41 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-28 14:41 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator
2014-04-28 14:29 - 2014-05-09 12:57 - 00193536 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-04-28 14:28 - 2014-04-28 20:18 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Ashampoo
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Local\ashampoo
2014-04-27 23:53 - 2014-04-27 23:53 - 00001562 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-04-27 23:35 - 2014-04-27 23:35 - 00003514 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de
2014-04-27 23:28 - 2014-04-27 23:35 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-27 23:27 - 2014-04-27 23:27 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-04-27 23:25 - 2014-04-27 23:25 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-04-27 23:23 - 2014-05-01 20:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 23:23 - 2014-04-27 23:23 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-04-27 23:23 - 2014-04-27 23:23 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-04-27 23:20 - 2014-04-27 23:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-27 23:09 - 2014-05-01 20:11 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-27 21:25 - 2014-04-27 21:25 - 00002168 _____ () C:\Users\*****\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

2014-05-27 22:32 - 2014-05-27 22:31 - 00014555 _____ () C:\Users\*****\Downloads\FRST.txt
2014-05-27 22:31 - 2014-05-27 22:31 - 02066944 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-05-27 22:31 - 2014-05-27 22:31 - 00000000 ____D () C:\FRST
2014-05-27 22:31 - 2014-05-01 19:31 - 00000947 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-27 22:31 - 2014-05-01 19:31 - 00000761 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job
2014-05-27 22:31 - 2014-04-21 21:54 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3756904942-2459461274-3818286609-1001
2014-05-27 22:31 - 2014-03-18 12:04 - 01686150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 22:31 - 2014-03-18 11:25 - 00727930 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 22:31 - 2014-03-18 11:25 - 00151586 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 22:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 22:27 - 2014-04-22 00:11 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 22:26 - 2014-04-21 21:51 - 00000000 __RDO () C:\Users\*****\OneDrive
2014-05-27 22:25 - 2014-04-22 00:10 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 22:25 - 2014-04-21 21:48 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 22:25 - 2014-04-21 21:48 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 22:24 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 22:24 - 2013-08-22 16:44 - 05107520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-27 22:23 - 2014-03-18 03:51 - 00095332 _____ () C:\Windows\PFRO.log
2014-05-27 22:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-27 22:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-27 22:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-27 22:22 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-27 22:21 - 2014-04-21 21:44 - 01511927 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 22:20 - 2014-04-22 00:10 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 22:19 - 2014-04-21 21:59 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0A9E995-E1B7-4820-8B39-301FE747062C}
2014-05-27 22:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-27 20:54 - 2014-04-25 00:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 19:29 - 2014-05-27 19:29 - 00002087 _____ () C:\Users\*****\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-05-27 19:29 - 2014-05-27 19:29 - 00002031 _____ () C:\Users\*****\Desktop\Avira PC Cleaner.lnk
2014-05-27 19:28 - 2014-05-27 19:28 - 02278856 _____ () C:\Users\*****\Downloads\avira_pc_cleaner_de.exe
2014-05-27 19:08 - 2014-04-25 00:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-05-26 23:47 - 2014-05-26 21:20 - 00000463 _____ () C:\Users\*****\Desktop\eset.txt
2014-05-26 23:44 - 2014-05-26 23:44 - 00000000 ____D () C:\Users\*****\Documents\ProcAlyzer Dumps
2014-05-26 21:25 - 2014-05-26 21:25 - 00001258 _____ () C:\Users\*****\Desktop\adw.txt
2014-05-26 21:21 - 2014-05-11 12:20 - 00000000 ____D () C:\AdwCleaner
2014-05-26 20:58 - 2014-05-26 19:10 - 00002012 _____ () C:\Users\*****\Desktop\mbam.txt
2014-05-26 20:40 - 2014-05-26 20:40 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-26 20:39 - 2014-05-26 20:39 - 02347384 _____ (ESET) C:\Users\*****\Downloads\esetsmartinstaller_enu.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 01327971 _____ () C:\Users\*****\Downloads\adwcleaner_3.211.exe
2014-05-26 20:23 - 2014-05-26 19:47 - 01104758 _____ () C:\Users\*****\Desktop\spybot.txt
2014-05-26 20:19 - 2014-05-26 20:19 - 00144372 _____ () C:\Users\*****\Desktop\logs.zip
2014-05-26 20:19 - 2014-04-25 00:11 - 00123904 ___SH () C:\Users\*****\Desktop\Thumbs.db
2014-05-26 19:47 - 2014-05-26 18:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-26 19:01 - 2014-05-26 18:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-26 19:00 - 2014-05-26 19:00 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-26 19:00 - 2014-05-26 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-26 18:53 - 2014-05-26 18:52 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\*****\Downloads\spybot-2.3.exe
2014-05-26 18:50 - 2014-05-26 18:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 18:50 - 2014-05-26 18:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-26 18:49 - 2014-05-26 18:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-25 20:12 - 2014-05-25 19:37 - 00000000 ____D () C:\Users\*****\Desktop\Kleinanzeigen
2014-05-25 19:42 - 2013-08-22 16:46 - 00022899 _____ () C:\Windows\setupact.log
2014-05-24 10:42 - 2014-05-24 10:42 - 00005508 _____ () C:\Users\*****\Downloads\51j8jzz83p2598i.dlc
2014-05-24 10:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-20 16:37 - 2014-04-21 21:47 - 00000000 ____D () C:\Users\*****
2014-05-19 20:27 - 2014-05-19 20:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 20:10 - 2014-05-19 20:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-18 16:18 - 2014-05-18 15:41 - 00000000 ____D () C:\Users\*****\Downloads\desmume-0.9.10-win64
2014-05-18 16:17 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\*****\Downloads\5589-b
2014-05-18 10:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 23:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 16:30 - 2014-04-22 23:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 16:29 - 2014-05-15 16:29 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 16:28 - 2014-04-23 21:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 16:26 - 2014-04-23 21:36 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 16:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-15 15:55 - 2014-05-01 20:06 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 15:55 - 2014-04-22 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 15:55 - 2014-04-22 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 15:55 - 2014-04-22 00:16 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-13 19:55 - 2014-04-25 00:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 07:26 - 2014-05-26 18:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-26 18:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-26 18:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 23:26 - 2014-05-11 23:04 - 00005565 _____ () C:\Users\*****\Downloads\SecureDownloadManager.log
2014-05-11 23:00 - 2014-05-11 23:00 - 00003179 _____ () C:\Users\*****\Desktop\Secure Download Manager.lnk
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\e-academy Inc
2014-05-11 23:00 - 2014-05-11 23:00 - 00000000 ____D () C:\Users\*****\AppData\Local\e-academy Inc
2014-05-11 22:59 - 2014-05-11 22:59 - 00720896 _____ () C:\Users\*****\Downloads\SDM_DE.msi
2014-05-11 22:59 - 2014-05-11 22:59 - 00000183 _____ () C:\Users\*****\Downloads\100097007456.sdx
2014-05-11 12:24 - 2014-04-23 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 11:34 - 2014-05-10 11:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:57 - 2014-04-28 14:29 - 00193536 ___SH () C:\Users\*****\Downloads\Thumbs.db
2014-05-08 16:15 - 2014-04-22 00:10 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 16:15 - 2014-04-22 00:10 - 00003874 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 23:21 - 2014-05-07 23:22 - 00043648 _____ () C:\Users\*****\Downloads\DroidSerif.ttf
2014-05-07 23:21 - 2014-05-07 23:21 - 00119546 _____ () C:\Users\*****\Downloads\droid-serif.zip
2014-05-06 15:18 - 2014-05-06 15:10 - 00000000 ____D () C:\Users\*****\Documents\Scan
2014-05-06 15:01 - 2014-05-06 15:01 - 00001965 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-05-06 15:01 - 2014-05-06 15:01 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-05-06 06:40 - 2014-05-15 16:00 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-15 16:00 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-15 16:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 16:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 23:39 - 2014-04-28 22:08 - 00000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2014-05-04 12:57 - 2014-05-04 12:57 - 00000000 ____D () C:\Program Files (x86)\MySQL
2014-05-02 19:36 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-05-01 22:30 - 2014-05-16 21:24 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2014-05-16 21:24 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-01 20:11 - 2014-04-27 23:09 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-01 20:09 - 2014-04-21 21:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-05-01 20:06 - 2014-05-01 20:06 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-01 20:06 - 2014-04-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-01 19:58 - 2014-05-01 19:58 - 00000000 ____D () C:\Users\*****\Downloads\Abschlussprüfung
2014-05-01 19:31 - 2014-05-01 19:31 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:31 - 2014-05-01 19:31 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 19:03 - 2014-05-01 19:03 - 00000000 ____D () C:\Program Files\EpsonNet
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-05-01 19:01 - 2014-05-01 19:01 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-05-01 19:01 - 2014-05-01 19:01 - 00000000 ____D () C:\Program Files (x86)\epson
2014-05-01 18:53 - 2014-05-01 17:31 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-01 18:29 - 2014-05-01 18:29 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-01 09:49 - 2014-05-01 09:49 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DropboxMaster
2014-05-01 09:49 - 2014-05-01 09:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-05-01 01:45 - 2014-04-22 00:17 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-01 01:44 - 2014-05-01 01:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 01:44 - 2014-05-01 01:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-01 01:44 - 2014-04-22 00:17 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-01 01:44 - 2014-04-22 00:16 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400162132078
2014-05-01 01:44 - 2014-04-22 00:16 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400162132078
2014-05-01 01:44 - 2014-04-22 00:16 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-01 01:44 - 2014-04-22 00:16 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-01 01:44 - 2014-04-22 00:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-30 22:44 - 2014-04-30 22:44 - 00000000 ____D () C:\Users\*****\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-04-28 23:16 - 2014-04-28 23:16 - 00001456 _____ () C:\Users\*****\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-28 21:56 - 2014-04-28 21:56 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\Users\*****\AppData\Local\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Skype
2014-04-28 21:56 - 2014-04-28 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-28 20:18 - 2014-04-28 14:41 - 00000000 ____D () C:\ProgramData\2f16da238c7b237
2014-04-28 20:18 - 2014-04-28 14:28 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-04-28 14:43 - 2014-04-28 14:43 - 00000000 ____D () C:\ProgramData\MiniApp
2014-04-28 14:43 - 2014-04-28 14:41 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Gast
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\*****\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-28 14:42 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-28 14:42 - 2014-04-22 00:10 - 00000000 ____D () C:\Users\*****\AppData\Local\Google
2014-04-28 14:41 - 2014-04-28 14:41 - 00000000 ____D () C:\Users\Administrator
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Ashampoo
2014-04-28 14:28 - 2014-04-28 14:28 - 00000000 ____D () C:\Users\*****\AppData\Local\ashampoo
2014-04-27 23:57 - 2014-04-27 23:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-27 23:53 - 2014-04-27 23:53 - 00001562 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-04-27 23:37 - 2014-04-23 00:14 - 00000000 ____D () C:\Users\*****\.gimp-2.8
2014-04-27 23:35 - 2014-04-27 23:35 - 00003514 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de
2014-04-27 23:35 - 2014-04-27 23:28 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-27 23:27 - 2014-04-27 23:27 - 00000943 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-04-27 23:26 - 2014-04-27 23:26 - 00000888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-04-27 23:25 - 2014-04-27 23:25 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-04-27 23:23 - 2014-04-27 23:23 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-04-27 23:23 - 2014-04-27 23:23 - 00001008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-04-27 23:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-27 21:25 - 2014-04-27 21:25 - 00002168 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2014-04-27 21:25 - 2014-04-24 22:40 - 00000000 ____D () C:\Users\*****\AppData\Local\gtk-2.0

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\ose00000.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2014-05-27 22:19] - [2014-03-28 17:58] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-05-27 22:19] - [2014-03-06 14:42] - 0310616 ____A (Microsoft Corporation) 4BB9BC49DEE1A319EC58274A7BBED663



LastRegBack: 2014-05-22 19:26

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by ***** at 2014-05-27 22:33:15
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F2CE207D-C146-4BFD-A1C2-219483C58819}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MySQL Workbench 6.1 CE (HKLM-x32\...\{625991FA-1A48-4AD8-95D5-84A0C9896C9A}) (Version: 6.1.4 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)

==================== Restore Points  =========================

15-05-2014 14:22:55 Windows Update
24-05-2014 08:23:32 Geplanter Prüfpunkt
27-05-2014 20:20:17 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2014-04-27 23:37 - 00000892 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BC32B2D-93F4-45F4-B338-9BC59A6EB744} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {1D15A186-7404-42BD-A51C-64E6574BA589} - System32\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-09-12] (SEIKO EPSON CORPORATION)
Task: {1E08DBCE-8002-4FA9-8510-26ED4838A437} - System32\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-09-12] (SEIKO EPSON CORPORATION)
Task: {1F2D7BAE-62D4-4467-A97F-CD9E86C0B564} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2088FAB2-AAF7-45E6-ABED-FC42BAD887C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47FE00D6-2FB4-40F5-AB09-945BAE57E5FD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A99D2AB-43BC-4649-8C2F-76CAB6CD115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C981FEB-C567-4353-92BF-EB16F9496412} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97968DA7-809B-44BB-B64B-78BF1DC0F388} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9B946C6-71F6-4504-A414-449D3B0347DF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {AB3210B5-1B03-458F-83DD-27F72AC5C1E4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-01] (AVAST Software)
Task: {B6E35E30-525C-493F-BB96-7D083EDF5EA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCDA5F4B-97DF-4420-B875-D573F59A1C3F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {DCE3D606-9E17-4E65-B72D-0EF3F4603DE5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {DDE82480-4AC2-4F39-B208-0E4A4FEE5628} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-05-15] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF8C2FA6-0E8C-4B62-ADF9-51091F4577A7} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****.strigenz@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {50F44D71-F6A5-42EC-8AF4-7C45F435DA54}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-27 20:13 - 2014-05-27 20:13 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052700\algo.dll
2014-05-27 22:25 - 2014-05-27 22:25 - 02256384 _____ () C:\Program Files\AVAST Software\Avast\defs\14052701\algo.dll
2014-05-26 18:59 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-26 18:59 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-26 18:59 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-26 18:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-26 18:59 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-04-22 00:16 - 2014-04-22 00:16 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 11:34 - 2014-05-10 11:34 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\*****\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2014 08:12:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:40:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/26/2014 08:39:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/25/2014 07:38:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17039 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1130

Startzeit: 01cf78295da15fc6

Endzeit: 0

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 549fc1d9-e433-11e3-825f-002618f7a88e

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:37:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6d8

Startzeit: 01cf783fe8615d11

Endzeit: 3352

Anwendungspfad: C:\Windows\system32\DllHost.exe

Berichts-ID: 2a1529a6-e433-11e3-825f-002618f7a88e

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: af4

Startzeit: 01cf783fcd2b48b9

Endzeit: 3366

Anwendungspfad: C:\Windows\system32\DllHost.exe

Berichts-ID: 1d3efc37-e433-11e3-825f-002618f7a88e

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/25/2014 07:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9fc

Startzeit: 01cf783fb77e2de2

Endzeit: 3384

Anwendungspfad: C:\Windows\system32\DllHost.exe

Berichts-ID: 05cf3823-e433-11e3-825f-002618f7a88e

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/15/2014 03:54:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: *****-LAPTOP)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (05/20/2014 04:20:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎05.‎2014 um 22:15:26 unerwartet heruntergefahren.

Error: (05/13/2014 07:18:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎05.‎2014 um 19:12:46 unerwartet heruntergefahren.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:09:06 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:08:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:08:38 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (05/02/2014 04:08:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (05/02/2014 04:08:37 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.


Microsoft Office Sessions:
=========================
Error: (05/27/2014 08:12:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:40:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/26/2014 08:39:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\*****\Downloads\esetsmartinstaller_enu.exe

Error: (05/25/2014 07:38:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17039113001cf78295da15fc60C:\Windows\Explorer.EXE549fc1d9-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:37:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.163846d801cf783fe8615d113352C:\Windows\system32\DllHost.exe2a1529a6-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.16384af401cf783fcd2b48b93366C:\Windows\system32\DllHost.exe1d3efc37-e433-11e3-825f-002618f7a88e

Error: (05/25/2014 07:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.163849fc01cf783fb77e2de23384C:\Windows\system32\DllHost.exe05cf3823-e433-11e3-825f-002618f7a88e

Error: (05/15/2014 03:54:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: *****-LAPTOP)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-05-01 15:58:23.087
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:22.712
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:22.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:22.212
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:22.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:21.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:21.665
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:21.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:21.243
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-01 15:58:18.493
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 4095.27 MB
Available physical RAM: 2818.91 MB
Total Pagefile: 4799.27 MB
Available Pagefile: 3452.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:87.55 GB) (Free:59.88 GB) NTFS
Drive d: () (Fixed) (Total:210.2 GB) (Free:195.87 GB) NTFS
Drive f: (OFFICE14) (CDROM) (Total:1.83 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 97646C29)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=88 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=210 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 28.05.2014, 19:23   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Verdacht auf Keylogger - Standard

Verdacht auf Keylogger



Zitat:
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
__________________
--> Verdacht auf Keylogger

Antwort

Themen zu Verdacht auf Keylogger
benötigt, hallo zusammen, keylogger, malwarebytes, passwörter, passwörtern, programme, programmen, pup.optional.installerex, pup.optional.installerex.a, pup.optional.superfish.a, pup.optional.tarma.a, win32/installerex.m




Ähnliche Themen: Verdacht auf Keylogger


  1. Verdacht auf KeyLogger
    Plagegeister aller Art und deren Bekämpfung - 12.01.2015 (14)
  2. Windows 7: Verdacht auf Keylogger
    Log-Analyse und Auswertung - 22.06.2014 (16)
  3. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 03.03.2014 (9)
  4. Verdacht auf keylogger
    Plagegeister aller Art und deren Bekämpfung - 06.10.2012 (17)
  5. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 19.09.2011 (1)
  6. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 07.05.2011 (16)
  7. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 18.02.2011 (4)
  8. Verdacht auf KeyLogger
    Log-Analyse und Auswertung - 21.02.2010 (2)
  9. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 02.01.2010 (4)
  10. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 11.12.2009 (1)
  11. Keylogger Verdacht!
    Plagegeister aller Art und deren Bekämpfung - 15.09.2009 (6)
  12. Verdacht auf Trojaner/Keylogger
    Plagegeister aller Art und deren Bekämpfung - 26.05.2009 (0)
  13. Hab nen verdacht auf nen Keylogger
    Mülltonne - 04.09.2008 (0)
  14. Verdacht auf Keylogger
    Log-Analyse und Auswertung - 10.08.2008 (1)
  15. Verdacht auf keylogger!
    Log-Analyse und Auswertung - 01.11.2007 (11)
  16. verdacht auf keylogger!
    Log-Analyse und Auswertung - 23.10.2007 (7)
  17. Verdacht auf Spyware und Keylogger etc. ?!
    Mülltonne - 20.10.2007 (0)

Zum Thema Verdacht auf Keylogger - Hallo zusammen, ich habe den Verdacht, dass sich ein Keylogger auf meinem System eingenistet hat.Es wurden in den letzten zwei Tagen zwei Accounts mit unterschiedlichen und recht sicheren Passwörtern von - Verdacht auf Keylogger...
Archiv
Du betrachtest: Verdacht auf Keylogger auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.