
Pests of all kinds and how to combat them: giw.mapopen.net ads

Windows 7: If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.

04.06.2014, 13:26   #1
green_lion
 




So, I just registered here because I keep getting (on almost every click on the Internet) pop-up ads with giw.mapopen.net in the browser's address bar... I have already read up on it a bit and found out so far that this is apparently a Trojan, or that it can develop into a Trojan or something like that. The problem now is that Norton Internet Security cannot find anything. I also have not found any "reputable" sites on the topic on the Internet, or only English ones.

So how should I proceed now...? I had already thought of the Norton Power Eraser, but would that solve it?

I hope one of you knows this problem / can help me somehow

Thanks in advance, green_lion

04.06.2014, 14:26   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


04.06.2014, 14:48   #3
green_lion
 




Many thanks for the quick help
Here is the Additional.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by **** at 2014-06-04 15:28:59
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3017 - Acer Incorporated)
Acer Remote (HKLM-x32\...\Acer Remote1.0) (Version: 1.0 - Acer Inc.)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{838DA1F1-23F8-4C70-B190-AC51CB5A5ECD}) (Version: 3.1.45.72435 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 3.1.45.72435 - Alcor Micro Corp.) Hidden
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.2.475.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.2.475.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2014 SP2 (HKLM\...\Autodesk 3ds Max 2014 HF1) (Version: 16.2.475.0 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J4410DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{53078727-80C2-4F4F-9E36-093133F73F3B}) (Version: 1.36.0 - Kovid Goyal)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2012 - Acer Incorporated)
Craften Terminal 3.5.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.29.303 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.29.303 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIANTS Editor 5.5.1 64-bit (HKLM-x32\...\giants_editor_5.5.1_win64_is1) (Version: 5.5.1 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3007 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3005 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.0.3000 - Maxthon International Limited)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 311.06 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
phase-6 2.3.3 (HKLM-x32\...\phase-6) (Version: 2.3.3 - phase-6)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.57 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TI-Nspire CAS Student Software (HKLM-x32\...\TI-Nspire CAS Student Software) (Version: 3.1.0.392 - Texas Instruments)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VideoSaver (HKLM-x32\...\274E1504-21E3-A9F8-9A9D-B3D4B3336957) (Version:  - VideoSaver-software)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

14-05-2014 19:07:48 Windows Update
23-05-2014 18:46:26 Geplanter Prüfpunkt
26-05-2014 15:22:04 DirectX wurde installiert
30-05-2014 09:49:58 DirectX wurde installiert

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05712D7E-84A7-4E83-B285-043E98C60449} - System32\Tasks\AdobeAAMUpdater-1.0-Meyer-Büro-Julian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {331F10C2-F288-4D68-BFE7-CD875A775D8C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-03-06] (Maxthon International ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4E6C41D9-077C-405D-ABD7-B9D1F6FE4AFE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {541ED654-6EB0-4B9D-BE8C-5B9F6FF64E5E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {549BF424-F9EC-4C39-B007-12F8BBB7222F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E2C1F26-BFFF-41CB-8031-6C158DFBCB6E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {765A39E7-A838-405B-945A-E473E26B3BE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03] (Google Inc.)
Task: {773194B9-DB17-4913-AB8D-7C51FAFD284A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {789A3FED-440F-4AA5-B816-F6BADF12AD36} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {79B3C73C-005A-4C38-838B-9635889F4B40} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-02-22] ()
Task: {7D55C4ED-E393-4912-8F2C-940EB454F49F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {83B22B4C-1892-4AF3-BC57-7747A445F777} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-04-02] (Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {979930BD-6948-4E26-B7D0-35FBA3460318} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9B9DEB7A-5E63-48CE-AECB-8578418FAAA4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {9D93B334-9661-4C64-92DD-B9BAF5410D20} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B657D976-555D-4F34-BD5D-87D6CE42CDAB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C0C35C7E-3CD2-4FE8-96B5-6A1D21A0AA07} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {CD02FF6B-FC87-4BC9-A2AE-8EF9AEC39EDB} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {CE555882-AE75-487E-9801-59526EDC26EA} - System32\Tasks\VideoSaver_wd => C:\Program Files (x86)\VideoSaver\VideoSaverGWdkcw.exe [2014-04-23] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D92E05C5-28A3-4E8A-8273-6C453E2EACB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03] (Google Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F85D2C0F-3AB5-4F88-9E40-13E0E7925DBD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\VideoSaver_wd.job => C:\Program Files (x86)\VideoSaver\VideoSaverGWdkcw.exe

==================== Loaded Modules (whitelisted) =============

2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-01-03 10:50 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2013-12-25 11:40 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-04-23 20:40 - 2014-04-23 20:40 - 00077312 _____ () C:\Program Files (x86)\VideoSaver\VideoSaverGWdkcw.exe
2013-05-31 01:23 - 2013-05-31 01:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 01:19 - 2013-05-31 01:19 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 01:53 - 2013-05-31 01:53 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-11-14 19:30 - 2013-11-14 19:30 - 00023040 _____ () C:\Program Files\Logitech Gaming Software\LGSToast.dll
2014-05-11 10:28 - 2014-05-11 10:28 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll
2014-04-29 17:32 - 2014-04-29 17:32 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll
2014-05-11 10:28 - 2014-05-11 10:28 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2012-07-24 12:06 - 2012-07-24 12:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2013-06-27 09:50 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2013-06-27 09:24 - 2013-03-12 07:20 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-03 10:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-03 19:26 - 2014-06-03 19:26 - 00043008 _____ () c:\users\****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8jmoj.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\****\AppData\Roaming\Dropbox\bin\libcef.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 11:57 - 2012-06-14 11:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 20:15 - 2011-08-15 20:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 16:41 - 2011-08-17 16:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 19:23 - 2011-08-15 19:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 11:56 - 2012-06-14 11:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 12:06 - 2012-06-14 12:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 11:55 - 2012-06-14 11:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 16:05 - 2011-07-19 16:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 20:17 - 2011-08-15 20:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 16:04 - 2011-07-19 16:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-05-14 16:08 - 2014-05-14 16:08 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\****\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2014 03:25:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/03/2014 09:22:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/03/2014 09:21:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/02/2014 02:37:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x533e5a38
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x533e5b4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015a76a
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (06/02/2014 00:01:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x533e5a38
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x533e5b4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015a76a
ID des fehlerhaften Prozesses: 0x19bc
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (06/02/2014 04:40:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/01/2014 07:10:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/01/2014 07:10:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2014 07:10:01 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/01/2014 11:54:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/04/2014 03:26:44 AM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/04/2014 03:26:03 AM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/03/2014 09:20:44 PM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/03/2014 08:56:52 PM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/02/2014 04:56:34 PM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/02/2014 03:45:51 PM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/02/2014 03:45:51 PM) (Source: DCOM) (EventID: 10010) (User: ****-Büro)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/02/2014 00:02:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/02/2014 07:59:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/02/2014 07:59:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 16293.24 MB
Available physical RAM: 14009.96 MB
Total Pagefile: 32677.24 MB
Available Pagefile: 29692.73 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:922.85 GB) (Free:356.39 GB) NTFS
Drive d: (DATA) (Fixed) (Total:923.19 GB) (Free:916.9 GB) NTFS
Drive e: (MUSIC****) (Removable) (Total:7.45 GB) (Free:7.39 GB) FAT32
Drive h: (LS2013) (CDROM) (Total:1.36 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 31FAE5F9)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)

==================== End Of Log ============================
         

I have made my name unrecognizable with ****, and the computer name (****-Büro) partly as well.

So, here is the FRST.txt



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Julian (administrator) on MEYER-BÜRO on 04-06-2014 15:28:30
Running from C:\Users\Julian\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
() C:\Program Files (x86)\VideoSaver\VideoSaverGWdkcw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-15] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications))
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Julian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {b49cc01e-def8-11e2-be6a-806e6f6e6963} - "F:\PC/TINspireStudent_Setup.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {ba2b81f8-73d2-11e3-be80-24fd52914648} - "H:\cdstart.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {f9d10030-78ef-11e3-be86-24fd52914648} - "G:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk
ShortcutTarget: Acer Remote.lnk -> C:\Program Files (x86)\Acer Remote\ArcServer.exe (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = 
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPA32E00B0-268C-4D9B-B039-3626AF7FAD7F&q={searchTerms}&SSPV=
SearchScopes: HKCU - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\battlefieldplay4free@ea.com [2014-05-26]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-05]
FF Extension: VideoSaver - C:\Program Files (x86)\VideoSaver\161.xpi [2014-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKCU\...\Firefox\Extensions: [{BF6F901F-399E-EA23-53E2-438C97252A18}] - C:\Program Files (x86)\VideoSaver\161.xpi
FF Extension: No Name - C:\Program Files (x86)\VideoSaver\161.xpi [2014-04-23]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2014-05-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468240 2013-04-23] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [41504 2014-01-23] (LogMeIn Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-25] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.032\ENG64.SYS [126040 2014-04-10] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.032\EX64.SYS [2099288 2014-04-10] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-25] (Microsoft Corporation)
R0 SMR410; C:\Windows\System32\drivers\SMR410.SYS [96856 2014-06-04] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 15:28 - 2014-06-04 15:28 - 00025044 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\FRST
2014-06-04 15:27 - 2014-06-04 15:27 - 02068992 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-04 14:05 - 2014-06-04 14:05 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS
2014-06-04 14:05 - 2014-06-04 14:05 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR410.dat
2014-06-04 07:19 - 2014-06-04 07:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-02 16:40 - 2014-06-02 16:55 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:11 - 2014-06-01 19:22 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-05-31 11:59 - 2014-05-31 12:12 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-27 15:56 - 2014-05-27 15:57 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:18 - 2014-05-30 08:43 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-26 17:17 - 2014-05-30 08:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-26 17:17 - 2014-05-26 17:24 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:16 - 2014-06-02 14:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-26 17:16 - 2014-06-01 19:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-26 17:16 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-23 14:51 - 2014-05-23 14:52 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 14:58 - 2014-05-19 15:03 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:54 - 2014-05-19 14:54 - 00002278 _____ () C:\Users\Lorenz\Desktop\Facebook.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00002274 _____ () C:\Users\Lorenz\Desktop\Youtube.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00001460 _____ () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00000812 _____ () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Torch
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\jZip
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\ProgramData\Datamngr
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-14 17:39 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 17:39 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 17:39 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 17:39 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 17:39 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 17:39 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 17:39 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 17:39 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 17:39 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 17:39 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 17:39 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 17:39 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 17:39 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 17:39 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 17:39 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 17:39 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 17:39 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 17:38 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 17:38 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 17:38 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 17:38 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip
2014-05-09 20:18 - 2014-05-09 20:18 - 00322864 _____ () C:\WINDOWS\Minidump\050914-38734-01.dmp
2014-05-09 15:42 - 2014-05-09 15:42 - 00000000 ____D () C:\Users\Julian\AppData\Local\calibre-cache
2014-05-09 15:40 - 2014-05-09 16:12 - 00000000 ____D () C:\Users\Julian\Documents\Calibre-Bibliothek
2014-05-09 15:40 - 2014-05-09 15:56 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\calibre
2014-05-09 15:40 - 2014-05-09 15:40 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-09 15:38 - 2014-05-09 15:39 - 60981248 _____ () C:\Users\Julian\Downloads\calibre-64bit-1.36.0.msi
2014-05-08 16:47 - 2014-05-08 16:47 - 00000000 ____D () C:\Users\Julian\AppData\Local\TechSmith
2014-05-08 16:38 - 2014-05-23 20:20 - 00005632 _____ () C:\Users\Julian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-08 14:18 - 2014-05-08 14:22 - 00000000 ____D () C:\Users\Julian\Documents\TI-Nspire
2014-05-08 14:18 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TI-Nspire
2014-05-08 14:16 - 2014-05-29 21:12 - 00000000 ____D () C:\Users\Julian\Documents\Camtasia Studio
2014-05-08 14:16 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TechSmith
2014-05-08 14:15 - 2014-05-08 14:15 - 00000000 ____D () C:\Users\Julian\Documents\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00002189 _____ () C:\Users\Julian\AppData\Local\TempfixPerms.vbs
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Texas Instruments
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 14:13 - 2014-05-08 14:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-05-08 14:13 - 2014-05-08 14:13 - 00007371 _____ () C:\WINDOWS\SysWOW64\redist.txt
2014-05-08 14:13 - 2014-05-08 14:13 - 00002082 _____ () C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\TI-Nspire CAS
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2014-05-08 14:12 - 2014-05-08 14:13 - 00000000 ____D () C:\Program Files (x86)\TI Education
2014-05-07 16:44 - 2014-05-07 16:44 - 00000906 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-05-07 15:57 - 2014-05-19 14:56 - 00030720 ___SH () C:\Users\Lorenz\Desktop\Thumbs.db
2014-05-06 20:44 - 2014-05-06 20:47 - 251749736 _____ () C:\Users\Julian\Downloads\camtasiade_8.1.2.exe
2014-05-06 20:22 - 2014-05-06 20:22 - 00003586 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update
2014-05-06 20:22 - 2014-05-06 20:22 - 00001105 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Maxthon3
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-06 20:21 - 2014-05-06 20:21 - 01502976 _____ (Maxthon International ltd.) C:\Users\Julian\Downloads\mxsetup.exe
2014-05-06 15:07 - 2014-05-06 15:07 - 00001444 _____ () C:\Users\Julian\Desktop\filezilla.lnk
2014-05-05 19:23 - 2014-04-16 18:02 - 00000000 ____D () C:\Users\Julian\Downloads\wordpress
2014-05-05 19:08 - 2014-05-06 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\FileZilla
2014-05-05 19:08 - 2014-03-28 10:35 - 00000000 ____D () C:\Users\Julian\Downloads\FileZilla-3.8.0

==================== One Month Modified Files and Folders =======

2014-06-04 15:28 - 2014-06-04 15:28 - 00025044 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\FRST
2014-06-04 15:28 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian\AppData\Local\Temp
2014-06-04 15:27 - 2014-06-04 15:27 - 02068992 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-04 15:26 - 2013-12-25 11:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype
2014-06-04 15:21 - 2013-12-25 12:14 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CDB1D17-374E-47F5-A88E-A278A97AC4A6}
2014-06-04 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-04 14:53 - 2014-05-03 16:42 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 14:53 - 2014-05-03 16:42 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 14:11 - 2013-12-25 11:39 - 01326392 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-04 14:05 - 2014-06-04 14:05 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS
2014-06-04 14:05 - 2014-06-04 14:05 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR410.dat
2014-06-04 14:05 - 2014-02-02 19:33 - 00000000 ____D () C:\Users\Julian\AppData\Local\NPE
2014-06-04 14:05 - 2013-06-27 09:46 - 00000000 ____D () C:\ProgramData\Norton
2014-06-04 07:20 - 2014-06-04 07:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-04 02:00 - 2013-12-25 18:05 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-06-03 21:20 - 2013-11-30 17:28 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1001
2014-06-03 21:00 - 2014-04-07 11:22 - 00007591 _____ () C:\Users\Julian\AppData\Local\Resmon.ResmonCfg
2014-06-03 20:41 - 2014-04-23 20:40 - 00000406 _____ () C:\WINDOWS\Tasks\VideoSaver_wd.job
2014-06-03 19:27 - 2014-04-07 11:10 - 00000000 ___RD () C:\Users\Julian\Dropbox
2014-06-03 19:27 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\DropboxMaster
2014-06-03 19:27 - 2014-04-07 11:07 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-06-03 19:25 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Temp
2014-06-02 16:56 - 2013-12-26 14:28 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment
2014-06-02 16:55 - 2014-06-02 16:40 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-02 15:42 - 2014-01-14 15:06 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Skype
2014-06-02 14:40 - 2013-12-26 14:30 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\.minecraft
2014-06-02 14:38 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen\AppData\Local\Temp
2014-06-02 14:37 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Origin
2014-06-02 14:37 - 2014-01-06 17:59 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client
2014-06-02 14:37 - 2014-01-03 12:40 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-06-02 13:49 - 2014-01-30 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-02 13:00 - 2013-11-30 17:20 - 00000000 ____D () C:\Users\Julian\Documents\Bluetooth Folder
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:22 - 2014-06-01 19:11 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 19:12 - 2014-05-26 17:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-01 19:11 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen
2014-06-01 19:10 - 2013-11-14 09:27 - 00005430 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-01 19:10 - 2013-11-14 09:11 - 02129064 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-01 19:10 - 2013-11-14 09:11 - 00581628 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-01 19:08 - 2013-08-22 16:46 - 00345517 _____ () C:\WINDOWS\setupact.log
2014-06-01 19:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-01 11:06 - 2013-12-25 11:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-01 11:06 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-01 07:25 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer
2014-06-01 07:07 - 2013-12-26 14:34 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1005
2014-06-01 07:02 - 2013-12-26 14:30 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{290EB6E1-06B2-459A-89F9-BD742F51684E}
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-06-01 06:56 - 2013-12-28 09:55 - 618187811 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-01 06:56 - 2013-12-28 09:55 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-01 06:55 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-31 15:59 - 2013-12-27 19:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1004
2014-05-31 15:59 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Temp
2014-05-31 15:59 - 2013-12-24 22:48 - 00000000 ____D () C:\Users\Rainer\Documents\Bluetooth Folder
2014-05-31 12:12 - 2014-05-31 11:59 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:44 - 2014-01-03 10:51 - 00000232 _____ () C:\WINDOWS\Brpfx04a.ini
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 19:40 - 2013-12-27 19:05 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F4AF68D-9D58-4E51-93BA-9D577EF1ECC6}
2014-05-30 14:19 - 2013-12-26 12:37 - 00084604 _____ () C:\WINDOWS\DirectX.log
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-30 10:27 - 2014-01-06 17:35 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{602F6161-675C-4907-9D63-CEC259D56727}
2014-05-30 10:08 - 2014-01-06 17:43 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1009
2014-05-30 08:43 - 2014-05-26 17:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-30 08:42 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-29 21:12 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\Documents\Camtasia Studio
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 20:05 - 2013-12-31 12:30 - 00000000 ____D () C:\Users\Julian\AppData\Local\gtk-2.0
2014-05-29 20:05 - 2013-12-31 12:25 - 00000000 ____D () C:\Users\Julian\.gimp-2.8
2014-05-29 20:02 - 2014-01-06 17:34 - 00000000 ____D () C:\Users\Jochen\Documents\Bluetooth Folder
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:35 - 2013-11-30 17:54 - 00208384 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-28 14:28 - 2013-12-25 10:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\.minecraft
2014-05-28 13:44 - 2014-04-07 11:10 - 00001076 _____ () C:\Users\Julian\Desktop\Dropbox.lnk
2014-05-28 13:44 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 13:44 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 06:10 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian
2014-05-28 05:42 - 2013-11-14 00:18 - 00012354 _____ () C:\WINDOWS\PFRO.log
2014-05-28 05:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-27 15:57 - 2014-05-27 15:56 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:24 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:24 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 14:25 - 2013-12-25 13:56 - 00000000 ____D () C:\Users\Lorenz\Documents\Bluetooth Folder
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-26 13:35 - 2014-01-03 11:47 - 00000000 ___RD () C:\Users\Rainer\Documents\Rainer Meyer privat
2014-05-26 13:35 - 2013-12-28 15:51 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Deployment
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-25 12:35 - 2013-12-25 11:16 - 00000000 ____D () C:\ProgramData\Skype
2014-05-25 12:34 - 2014-03-16 14:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 18:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 17:59 - 00002525 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-24 15:16 - 2013-11-30 17:41 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-05-24 15:16 - 2013-11-30 17:41 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-05-23 20:20 - 2014-05-08 16:38 - 00005632 _____ () C:\Users\Julian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 19:38 - 2013-11-30 17:19 - 00000000 ____D () C:\Users\Julian\AppData\Local\VirtualStore
2014-05-23 19:34 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz
2014-05-23 14:52 - 2014-05-23 14:51 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 15:52 - 2014-01-18 18:18 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 15:03 - 2014-05-19 14:58 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:56 - 2014-05-07 15:57 - 00030720 ___SH () C:\Users\Lorenz\Desktop\Thumbs.db
2014-05-19 14:54 - 2014-05-19 14:54 - 00002278 _____ () C:\Users\Lorenz\Desktop\Facebook.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00002274 _____ () C:\Users\Lorenz\Desktop\Youtube.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00001460 _____ () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00000812 _____ () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Torch
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\jZip
2014-05-19 14:54 - 2014-05-19 14:54 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\ProgramData\Datamngr
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-19 14:51 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\VirtualStore
2014-05-18 15:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-18 14:28 - 2013-12-25 11:01 - 00090962 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 18:48 - 2013-12-25 12:03 - 00000000 ___RD () C:\Users\Julian\SkyDrive
2014-05-16 18:48 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:24 - 2013-12-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-16 17:05 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 21:10 - 2013-12-24 21:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 21:10 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-14 21:09 - 2013-12-26 13:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 21:09 - 2013-12-24 21:29 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip
2014-05-09 20:18 - 2014-05-09 20:18 - 00322864 _____ () C:\WINDOWS\Minidump\050914-38734-01.dmp
2014-05-09 20:18 - 2013-08-22 16:44 - 05083896 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-09 16:12 - 2014-05-09 15:40 - 00000000 ____D () C:\Users\Julian\Documents\Calibre-Bibliothek
2014-05-09 15:56 - 2014-05-09 15:40 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\calibre
2014-05-09 15:42 - 2014-05-09 15:42 - 00000000 ____D () C:\Users\Julian\AppData\Local\calibre-cache
2014-05-09 15:40 - 2014-05-09 15:40 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-09 15:39 - 2014-05-09 15:38 - 60981248 _____ () C:\Users\Julian\Downloads\calibre-64bit-1.36.0.msi
2014-05-09 14:48 - 2014-05-03 16:42 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 14:48 - 2014-05-03 16:42 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 16:47 - 2014-05-08 16:47 - 00000000 ____D () C:\Users\Julian\AppData\Local\TechSmith
2014-05-08 14:22 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\Documents\TI-Nspire
2014-05-08 14:18 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TI-Nspire
2014-05-08 14:16 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TechSmith
2014-05-08 14:15 - 2014-05-08 14:15 - 00000000 ____D () C:\Users\Julian\Documents\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00002189 _____ () C:\Users\Julian\AppData\Local\TempfixPerms.vbs
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Texas Instruments
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 14:13 - 2014-05-08 14:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-05-08 14:13 - 2014-05-08 14:13 - 00007371 _____ () C:\WINDOWS\SysWOW64\redist.txt
2014-05-08 14:13 - 2014-05-08 14:13 - 00002082 _____ () C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\TI-Nspire CAS
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2014-05-08 14:13 - 2014-05-08 14:12 - 00000000 ____D () C:\Program Files (x86)\TI Education
2014-05-07 16:44 - 2014-05-07 16:44 - 00000906 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-05-07 16:44 - 2014-02-18 15:27 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\gtk-2.0
2014-05-07 16:44 - 2014-02-18 15:23 - 00000000 ____D () C:\Users\Lorenz\.gimp-2.8
2014-05-06 20:47 - 2014-05-06 20:44 - 251749736 _____ () C:\Users\Julian\Downloads\camtasiade_8.1.2.exe
2014-05-06 20:22 - 2014-05-06 20:22 - 00003586 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update
2014-05-06 20:22 - 2014-05-06 20:22 - 00001105 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Maxthon3
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-06 20:21 - 2014-05-06 20:21 - 01502976 _____ (Maxthon International ltd.) C:\Users\Julian\Downloads\mxsetup.exe
2014-05-06 15:55 - 2014-05-05 19:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\FileZilla
2014-05-06 15:07 - 2014-05-06 15:07 - 00001444 _____ () C:\Users\Julian\Desktop\filezilla.lnk
2014-05-06 06:40 - 2014-05-14 17:39 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 17:39 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 17:39 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-05 17:29 - 2014-03-19 08:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\CrashDumps

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Julian\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8jmoj.dll
C:\Users\Julian\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Julian\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Julian\AppData\Local\Temp\nsg2A38.exe
C:\Users\Julian\AppData\Local\Temp\ose00000.exe
C:\Users\Julian\AppData\Local\Temp\TINspireCASStudentSoftware-3.6.0.550.exe
C:\Users\Rainer\AppData\Local\Temp\_is346B.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-01 11:17

==================== End Of Log ============================
         

Alt 05.06.2014, 11:57   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 05.06.2014, 14:28   #5
green_lion
 


So, here are the logs:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.06.2014
Suchlauf-Zeit: 14:45:12
Logdatei: Adw-cleaner.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.05.07
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Julian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 428198
Verstrichene Zeit: 6 Min, 22 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 3
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsg2A38.exe, In Quarantäne, [d9025a1a5c1fb77f14546bc0cc358779], 
Trojan.Agent.EMP, C:\Users\Lorenz\AppData\Local\Temp\mprAB2E.tmp, In Quarantäne, [fedd5c18afcc3ff74ea1ab6368995ea2], 
Trojan.Agent.EMP, C:\Users\Lorenz\AppData\Local\Temp\mprC463.tmp, In Quarantäne, [4f8cf77da8d3ad893eb19b73e120946c], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
# AdwCleaner v3.211 - Bericht erstellt am 05/06/2014 um 14:58:55
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Julian - MEYER-BÜRO
# Gestartet von : C:\Users\Julian\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\DataMngr
Ordner Gelöscht : C:\ProgramData\torchcrashhandler
Ordner Gelöscht : C:\Program Files (x86)\VideoSaver
Ordner Gelöscht : C:\Program Files (x86)\Video-Saver
Ordner Gelöscht : C:\Users\Lorenz\AppData\Local\jZip
Ordner Gelöscht : C:\Users\Lorenz\AppData\Local\torch
Ordner Gelöscht : C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Datei Gelöscht : C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gelöscht : C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
Datei Gelöscht : C:\Users\Lorenz\Desktop\Facebook.lnk
Datei Gelöscht : C:\Users\Lorenz\Desktop\Youtube.lnk
Datei Gelöscht : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\user.js
Datei Gelöscht : C:\WINDOWS\Tasks\VideoSaver_wd.job
Datei Gelöscht : C:\WINDOWS\System32\Tasks\VideoSaver_wd

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{BF6F901F-399E-EA23-53E2-438C97252A18}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\274E1504-21E3-A9F8-9A9D-B3D4B3336957

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Jochen\AppData\Roaming\Mozilla\Firefox\Profiles\aq3z3k6b.default\prefs.js ]


[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3929 octets] - [05/06/2014 14:57:31]
AdwCleaner[S0].txt - [3405 octets] - [05/06/2014 14:58:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3465 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by Julian on 05.06.2014 at 15:20:25,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.06.2014 at 15:21:44,08
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
So, I hope you can do something with that... Oh, I forgot the FRST log... It's coming right after.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Julian (administrator) on MEYER-BÜRO on 05-06-2014 15:29:28
Running from C:\Users\Julian\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-15] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications))
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Julian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {b49cc01e-def8-11e2-be6a-806e6f6e6963} - "F:\PC/TINspireStudent_Setup.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {ba2b81f8-73d2-11e3-be80-24fd52914648} - "H:\cdstart.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {f9d10030-78ef-11e3-be86-24fd52914648} - "G:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk
ShortcutTarget: Acer Remote.lnk -> C:\Program Files (x86)\Acer Remote\ArcServer.exe (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = 
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\battlefieldplay4free@ea.com [2014-05-26]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2014-05-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468240 2013-04-23] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [41504 2014-01-23] (LogMeIn Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140604.002\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-25] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140604.039\ENG64.SYS [126040 2014-04-10] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140604.039\EX64.SYS [2099288 2014-04-10] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 15:25 - 2014-06-05 15:25 - 00001491 _____ () C:\Users\Julian\Desktop\Adw-cleaner.txt
2014-06-05 15:21 - 2014-06-05 15:21 - 00000704 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-06-05 15:09 - 2014-06-05 15:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-05 15:03 - 2014-06-05 15:03 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe
2014-06-05 14:57 - 2014-06-05 14:59 - 00000000 ____D () C:\AdwCleaner
2014-06-05 14:56 - 2014-06-05 14:56 - 01327971 _____ () C:\Users\Julian\Downloads\adwcleaner_3.211.exe
2014-06-05 14:43 - 2014-06-05 15:24 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 14:43 - 2014-06-05 14:43 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-05 14:43 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-05 14:43 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-05 14:43 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-06-05 14:42 - 2014-06-05 14:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 15:28 - 2014-06-05 15:29 - 00022399 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-04 15:28 - 2014-06-05 15:29 - 00000000 ____D () C:\FRST
2014-06-04 15:28 - 2014-06-04 15:30 - 00042930 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-04 15:27 - 2014-06-04 15:27 - 02068992 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-04 07:19 - 2014-06-04 07:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-02 16:40 - 2014-06-02 16:55 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:11 - 2014-06-01 19:22 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-05-31 11:59 - 2014-05-31 12:12 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-27 15:56 - 2014-05-27 15:57 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:18 - 2014-05-30 08:43 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-26 17:17 - 2014-05-30 08:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-26 17:17 - 2014-05-26 17:24 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:16 - 2014-06-02 14:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-26 17:16 - 2014-06-01 19:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-26 17:16 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-23 14:51 - 2014-05-23 14:52 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 14:58 - 2014-05-19 15:03 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-14 17:39 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 17:39 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 17:39 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 17:39 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 17:39 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 17:39 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 17:39 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 17:39 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 17:39 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 17:39 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 17:39 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 17:39 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 17:39 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 17:39 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 17:39 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 17:39 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 17:39 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 17:38 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 17:38 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 17:38 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 17:38 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip
2014-05-09 20:18 - 2014-05-09 20:18 - 00322864 _____ () C:\WINDOWS\Minidump\050914-38734-01.dmp
2014-05-09 15:42 - 2014-05-09 15:42 - 00000000 ____D () C:\Users\Julian\AppData\Local\calibre-cache
2014-05-09 15:40 - 2014-05-09 16:12 - 00000000 ____D () C:\Users\Julian\Documents\Calibre-Bibliothek
2014-05-09 15:40 - 2014-05-09 15:56 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\calibre
2014-05-09 15:40 - 2014-05-09 15:40 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-09 15:38 - 2014-05-09 15:39 - 60981248 _____ () C:\Users\Julian\Downloads\calibre-64bit-1.36.0.msi
2014-05-08 16:47 - 2014-05-08 16:47 - 00000000 ____D () C:\Users\Julian\AppData\Local\TechSmith
2014-05-08 16:38 - 2014-05-23 20:20 - 00005632 _____ () C:\Users\Julian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-08 14:18 - 2014-06-04 16:42 - 00000000 ____D () C:\Users\Julian\Documents\TI-Nspire
2014-05-08 14:18 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TI-Nspire
2014-05-08 14:16 - 2014-05-29 21:12 - 00000000 ____D () C:\Users\Julian\Documents\Camtasia Studio
2014-05-08 14:16 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TechSmith
2014-05-08 14:15 - 2014-05-08 14:15 - 00000000 ____D () C:\Users\Julian\Documents\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00002189 _____ () C:\Users\Julian\AppData\Local\TempfixPerms.vbs
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Texas Instruments
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 14:13 - 2014-05-08 14:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-05-08 14:13 - 2014-05-08 14:13 - 00007371 _____ () C:\WINDOWS\SysWOW64\redist.txt
2014-05-08 14:13 - 2014-05-08 14:13 - 00002082 _____ () C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\TI-Nspire CAS
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2014-05-08 14:12 - 2014-05-08 14:13 - 00000000 ____D () C:\Program Files (x86)\TI Education
2014-05-07 16:44 - 2014-05-07 16:44 - 00000906 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-05-07 15:57 - 2014-05-19 14:56 - 00030720 ___SH () C:\Users\Lorenz\Desktop\Thumbs.db
2014-05-06 20:44 - 2014-05-06 20:47 - 251749736 _____ () C:\Users\Julian\Downloads\camtasiade_8.1.2.exe
2014-05-06 20:22 - 2014-05-06 20:22 - 00003586 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update
2014-05-06 20:22 - 2014-05-06 20:22 - 00001105 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Maxthon3
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-06 20:21 - 2014-05-06 20:21 - 01502976 _____ (Maxthon International ltd.) C:\Users\Julian\Downloads\mxsetup.exe
2014-05-06 15:07 - 2014-05-06 15:07 - 00001444 _____ () C:\Users\Julian\Desktop\filezilla.lnk

==================== One Month Modified Files and Folders =======

2014-06-05 15:29 - 2014-06-04 15:28 - 00022399 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-05 15:29 - 2014-06-04 15:28 - 00000000 ____D () C:\FRST
2014-06-05 15:29 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian\AppData\Local\Temp
2014-06-05 15:28 - 2013-12-25 12:14 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CDB1D17-374E-47F5-A88E-A278A97AC4A6}
2014-06-05 15:25 - 2014-06-05 15:25 - 00001491 _____ () C:\Users\Julian\Desktop\Adw-cleaner.txt
2014-06-05 15:24 - 2014-06-05 14:43 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 15:23 - 2013-12-24 22:41 - 00000000 ____D () C:\Program Files (x86)\PSPad editor
2014-06-05 15:22 - 2013-11-14 09:27 - 00005430 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-05 15:22 - 2013-11-14 09:11 - 02216316 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-05 15:22 - 2013-11-14 09:11 - 00608736 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-05 15:21 - 2014-06-05 15:21 - 00000704 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-06-05 15:20 - 2014-05-03 16:42 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 15:20 - 2014-04-07 11:10 - 00000000 ___RD () C:\Users\Julian\Dropbox
2014-06-05 15:20 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\DropboxMaster
2014-06-05 15:20 - 2014-04-07 11:07 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-06-05 15:17 - 2013-12-25 11:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-05 15:17 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-05 15:09 - 2014-06-05 15:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-05 15:03 - 2014-06-05 15:03 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe
2014-06-05 14:59 - 2014-06-05 14:57 - 00000000 ____D () C:\AdwCleaner
2014-06-05 14:59 - 2013-11-14 00:18 - 00013710 _____ () C:\WINDOWS\PFRO.log
2014-06-05 14:56 - 2014-06-05 14:56 - 01327971 _____ () C:\Users\Julian\Downloads\adwcleaner_3.211.exe
2014-06-05 14:53 - 2014-05-03 16:42 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-05 14:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Cursors
2014-06-05 14:51 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Temp
2014-06-05 14:43 - 2014-06-05 14:43 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-05 14:43 - 2014-06-05 14:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-05 14:41 - 2013-11-30 17:20 - 00000000 ____D () C:\Users\Julian\Documents\Bluetooth Folder
2014-06-05 14:40 - 2013-12-25 11:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype
2014-06-05 14:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-05 11:08 - 2013-12-25 11:39 - 01515124 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-05 08:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-05 06:42 - 2013-11-30 17:28 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1001
2014-06-05 02:00 - 2013-12-25 18:05 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-06-04 16:42 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\Documents\TI-Nspire
2014-06-04 15:30 - 2014-06-04 15:28 - 00042930 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-04 15:27 - 2014-06-04 15:27 - 02068992 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-04 14:05 - 2014-02-02 19:33 - 00000000 ____D () C:\Users\Julian\AppData\Local\NPE
2014-06-04 14:05 - 2013-06-27 09:46 - 00000000 ____D () C:\ProgramData\Norton
2014-06-04 07:20 - 2014-06-04 07:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-03 21:00 - 2014-04-07 11:22 - 00007591 _____ () C:\Users\Julian\AppData\Local\Resmon.ResmonCfg
2014-06-02 16:56 - 2013-12-26 14:28 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment
2014-06-02 16:55 - 2014-06-02 16:40 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-02 15:42 - 2014-01-14 15:06 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Skype
2014-06-02 14:40 - 2013-12-26 14:30 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\.minecraft
2014-06-02 14:38 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen\AppData\Local\Temp
2014-06-02 14:37 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Origin
2014-06-02 14:37 - 2014-01-06 17:59 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client
2014-06-02 14:37 - 2014-01-03 12:40 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-06-02 13:49 - 2014-01-30 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:22 - 2014-06-01 19:11 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 19:12 - 2014-05-26 17:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-01 19:11 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen
2014-06-01 19:08 - 2013-08-22 16:46 - 00345517 _____ () C:\WINDOWS\setupact.log
2014-06-01 07:25 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer
2014-06-01 07:07 - 2013-12-26 14:34 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1005
2014-06-01 07:02 - 2013-12-26 14:30 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{290EB6E1-06B2-459A-89F9-BD742F51684E}
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-06-01 06:56 - 2013-12-28 09:55 - 618187811 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-01 06:56 - 2013-12-28 09:55 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-01 06:55 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-31 15:59 - 2013-12-27 19:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1004
2014-05-31 15:59 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Temp
2014-05-31 15:59 - 2013-12-24 22:48 - 00000000 ____D () C:\Users\Rainer\Documents\Bluetooth Folder
2014-05-31 12:12 - 2014-05-31 11:59 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:44 - 2014-01-03 10:51 - 00000232 _____ () C:\WINDOWS\Brpfx04a.ini
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 19:40 - 2013-12-27 19:05 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F4AF68D-9D58-4E51-93BA-9D577EF1ECC6}
2014-05-30 14:19 - 2013-12-26 12:37 - 00084604 _____ () C:\WINDOWS\DirectX.log
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-30 10:27 - 2014-01-06 17:35 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{602F6161-675C-4907-9D63-CEC259D56727}
2014-05-30 10:08 - 2014-01-06 17:43 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1009
2014-05-30 08:43 - 2014-05-26 17:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-30 08:42 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-29 21:12 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\Documents\Camtasia Studio
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 20:05 - 2013-12-31 12:30 - 00000000 ____D () C:\Users\Julian\AppData\Local\gtk-2.0
2014-05-29 20:05 - 2013-12-31 12:25 - 00000000 ____D () C:\Users\Julian\.gimp-2.8
2014-05-29 20:02 - 2014-01-06 17:34 - 00000000 ____D () C:\Users\Jochen\Documents\Bluetooth Folder
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:35 - 2013-11-30 17:54 - 00208384 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-28 14:28 - 2013-12-25 10:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\.minecraft
2014-05-28 13:44 - 2014-04-07 11:10 - 00001076 _____ () C:\Users\Julian\Desktop\Dropbox.lnk
2014-05-28 13:44 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 13:44 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 06:10 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian
2014-05-28 05:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-27 15:57 - 2014-05-27 15:56 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:24 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:24 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 14:25 - 2013-12-25 13:56 - 00000000 ____D () C:\Users\Lorenz\Documents\Bluetooth Folder
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-26 13:35 - 2014-01-03 11:47 - 00000000 ___RD () C:\Users\Rainer\Documents\Rainer Meyer privat
2014-05-26 13:35 - 2013-12-28 15:51 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Deployment
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-25 12:35 - 2013-12-25 11:16 - 00000000 ____D () C:\ProgramData\Skype
2014-05-25 12:34 - 2014-03-16 14:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 18:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 17:59 - 00002525 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-24 15:16 - 2013-11-30 17:41 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-05-24 15:16 - 2013-11-30 17:41 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-05-23 20:20 - 2014-05-08 16:38 - 00005632 _____ () C:\Users\Julian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 19:38 - 2013-11-30 17:19 - 00000000 ____D () C:\Users\Julian\AppData\Local\VirtualStore
2014-05-23 19:34 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz
2014-05-23 14:52 - 2014-05-23 14:51 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 15:52 - 2014-01-18 18:18 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 15:03 - 2014-05-19 14:58 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:56 - 2014-05-07 15:57 - 00030720 ___SH () C:\Users\Lorenz\Desktop\Thumbs.db
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-19 14:51 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\VirtualStore
2014-05-18 15:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-18 14:28 - 2013-12-25 11:01 - 00090962 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 18:48 - 2013-12-25 12:03 - 00000000 ___RD () C:\Users\Julian\SkyDrive
2014-05-16 18:48 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:24 - 2013-12-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-16 17:05 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 21:10 - 2013-12-24 21:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 21:10 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-14 21:09 - 2013-12-26 13:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 21:09 - 2013-12-24 21:29 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip
2014-05-12 07:26 - 2014-06-05 14:43 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-05 14:43 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-05 14:43 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-09 20:18 - 2014-05-09 20:18 - 00322864 _____ () C:\WINDOWS\Minidump\050914-38734-01.dmp
2014-05-09 20:18 - 2013-08-22 16:44 - 05083896 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-09 16:12 - 2014-05-09 15:40 - 00000000 ____D () C:\Users\Julian\Documents\Calibre-Bibliothek
2014-05-09 15:56 - 2014-05-09 15:40 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\calibre
2014-05-09 15:42 - 2014-05-09 15:42 - 00000000 ____D () C:\Users\Julian\AppData\Local\calibre-cache
2014-05-09 15:40 - 2014-05-09 15:40 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-05-09 15:40 - 2014-05-09 15:40 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-09 15:39 - 2014-05-09 15:38 - 60981248 _____ () C:\Users\Julian\Downloads\calibre-64bit-1.36.0.msi
2014-05-09 14:48 - 2014-05-03 16:42 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 14:48 - 2014-05-03 16:42 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 16:47 - 2014-05-08 16:47 - 00000000 ____D () C:\Users\Julian\AppData\Local\TechSmith
2014-05-08 14:18 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TI-Nspire
2014-05-08 14:16 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TechSmith
2014-05-08 14:15 - 2014-05-08 14:15 - 00000000 ____D () C:\Users\Julian\Documents\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00002189 _____ () C:\Users\Julian\AppData\Local\TempfixPerms.vbs
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Texas Instruments
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-05-08 14:14 - 2014-05-08 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 14:13 - 2014-05-08 14:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-05-08 14:13 - 2014-05-08 14:13 - 00007371 _____ () C:\WINDOWS\SysWOW64\redist.txt
2014-05-08 14:13 - 2014-05-08 14:13 - 00002082 _____ () C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\TI-Nspire CAS
2014-05-08 14:13 - 2014-05-08 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2014-05-08 14:13 - 2014-05-08 14:12 - 00000000 ____D () C:\Program Files (x86)\TI Education
2014-05-07 16:44 - 2014-05-07 16:44 - 00000906 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-05-07 16:44 - 2014-02-18 15:27 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\gtk-2.0
2014-05-07 16:44 - 2014-02-18 15:23 - 00000000 ____D () C:\Users\Lorenz\.gimp-2.8
2014-05-06 20:47 - 2014-05-06 20:44 - 251749736 _____ () C:\Users\Julian\Downloads\camtasiade_8.1.2.exe
2014-05-06 20:22 - 2014-05-06 20:22 - 00003586 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update
2014-05-06 20:22 - 2014-05-06 20:22 - 00001105 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Maxthon3
2014-05-06 20:22 - 2014-05-06 20:22 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-05-06 20:21 - 2014-05-06 20:21 - 01502976 _____ (Maxthon International ltd.) C:\Users\Julian\Downloads\mxsetup.exe
2014-05-06 15:55 - 2014-05-05 19:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\FileZilla
2014-05-06 15:07 - 2014-05-06 15:07 - 00001444 _____ () C:\Users\Julian\Desktop\filezilla.lnk
2014-05-06 06:40 - 2014-05-14 17:39 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 17:39 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 17:39 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 17:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Julian\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk_1huk.dll
C:\Users\Julian\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Julian\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Julian\AppData\Local\Temp\ose00000.exe
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
C:\Users\Julian\AppData\Local\Temp\TINspireCASStudentSoftware-3.6.0.550.exe
C:\Users\Rainer\AppData\Local\Temp\_is346B.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-05 05:59

==================== End Of Log ============================
         
--- --- ---


So, that was everything now.


Edited by green_lion (05.06.2014 at 14:31). Reason: Forgot something :D

06.06.2014, 11:42   #6
schrauber
/// the machine
/// TB instructor




ESET Online Scanner

  • Here you will find an illustrated guide to the ESET Online Scanner
  • Download and start the ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems still?

07.06.2014, 18:24   #7
green_lion

I completely forgot to say that I am on holiday until Tuesday evening.
So the logs will not come until Wednesday :/

I still wish you a nice weekend.

08.06.2014, 09:50   #8
schrauber
/// the machine
/// TB instructor

All right.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

12.06.2014, 20:30   #9
green_lion

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=6f1f565b3ef9e54f90c22487661087d3
# engine=18687
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-12 06:44:07
# local_time=2014-06-12 08:44:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 29238 165195232 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2345962 27479940 0 0
# scanned=492353
# found=38
# cleaned=0
# scan_time=14440
sh=CA55CFC46DD8D4D96C6F20E45115EFE0FD750469 ft=1 fh=6c776b5d520f53ea vn="Variante von Win32/AdWare.AddLyrics.AJ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoSaver\VideoSaverGWdkcw.exe.vir"
sh=2F2922F327F3F8047A2F47ECA1AB4EE3423607A2 ft=1 fh=934df92b3c7f3940 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lorenz\AppData\Local\torch\Helper.dll.vir"
sh=49C34AC521C1045BC031A1603A9EF62446886C0D ft=1 fh=c37e252d2d83b0ba vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF10.dll"
sh=4384AC2E4100CC70EE9BC9C6A503AEBFFA796107 ft=1 fh=cb98c0645e82e1bd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF11.dll"
sh=6503525402D5E0F6DD924A5A4C9090D5A0514B16 ft=1 fh=bd2b3b84ab65f051 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF12.dll"
sh=94F9F77FC214B299F25D440B0ED5EC9D20D6D8FD ft=1 fh=477c242b89ddbeea vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF13.dll"
sh=F7DF87316ABEFDAD7892FDB852568B59E4B1B625 ft=1 fh=f416c00c616d5989 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF14.dll"
sh=387A6FA03583A2251A08C4F495A5FD6E7CB906E5 ft=1 fh=4871cefff8c66cee vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF15.dll"
sh=6DE70C93563634348B6B992BD503A05DAE07DF0F ft=1 fh=dec60df68c7d9dd9 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF16.dll"
sh=300EBA3F24359687A61D73BB2DB53C44E5A2A0A3 ft=1 fh=f2fba972a73e0009 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF17.dll"
sh=CABAC0673CDD293F82CE830D2E39DDBF8F4B4CC8 ft=1 fh=6a587d992d73d1bd vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF18.dll"
sh=BF3DF1B25DDBE1F131821C578CD076C2BE54C1E4 ft=1 fh=77dcdc6e6503beeb vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF19.dll"
sh=12BA8C9B617D4A36DCEF64CDC109C61C63AC2D93 ft=1 fh=e9b03f0ad1918a75 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF2.dll"
sh=812A2C4E3C3EDFC5AEB401C5B200FF6FA83D3B86 ft=1 fh=6bf004dbab67c20c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF20.dll"
sh=0AD9C31BDD1152288E3858AD889A82A1C2BCAC57 ft=1 fh=09e9126aed1653a9 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF21.dll"
sh=06C0C0DCC0F266B173AE579A04E77C74F789CD36 ft=1 fh=26d43e200908a62f vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF22.dll"
sh=07CE27FF00D1796E0BBA53382B2DAAE988DAE801 ft=1 fh=305c695f938121d9 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF23.dll"
sh=62C35AB8B323FBD922532E3002146273C290FF15 ft=1 fh=72471cf0b8e9bef7 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF24.dll"
sh=328A3F6A6B2AD7C6CD066F032AC49E23386F7CCA ft=1 fh=a63030a82f80ec61 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF25.dll"
sh=C0E2E2344FEBE065E34785B0A676E3A05A724982 ft=1 fh=0cf9b3418ee37402 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF26.dll"
sh=5B32EB6D6BD0CB7967E9A4391EAC6F05DBDF26E6 ft=1 fh=7509a865c9a7142a vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF27.dll"
sh=1659A7208AE11E9EBC3633C7F92B1D2554E2253F ft=1 fh=8af1566607e27335 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF28.dll"
sh=F8F3261E698A0A2E27F9815A291A360B5CF95F30 ft=1 fh=8b1b795f7f2b86dc vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF29.dll"
sh=5CA040C3455378D189C77B578ED4097E6FC753D8 ft=1 fh=000edebf3107e86b vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF4.dll"
sh=1BD8EC9B93429C3C38B550B7569259329CE09839 ft=1 fh=aa4060122135c70c vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF5.dll"
sh=027B559311862C13774F7299697CCE33EB0E9961 ft=1 fh=9407c44d3c121930 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF6.dll"
sh=3AE1ADF1DFB14FE4E6951E17194FAF7DE06B5542 ft=1 fh=f42a55a8ffb019c7 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF7.dll"
sh=F8D0450C66A6FFE52318DA3D6ABDA4D17BFB9875 ft=1 fh=06ba9f38227929d1 vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF8.dll"
sh=E82465CAC8BC8F9C2FB54D0DF13C39DA686E2766 ft=1 fh=a9bf686c4c165dec vn="möglicherweise Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\extensions\{63DDC2FF-EEFC-819D-75BE-C56CB1725B35}\components\DatamngrHlpFF9.dll"
sh=731975200E997E46FB9B43E04436810684EC2FF2 ft=1 fh=252618f8a97c7dc7 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe"
sh=B68BF0E698A41B385F988BF936586CBEFAADF1B2 ft=1 fh=8f23a3e3ad9fbfbf vn="Variante von Win32/Toolbar.SearchSuite.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\Microsoft\Windows\INetCache\IE\TMFCWSKT\jZipSetup-r342-w-bi.exe"
sh=2F2922F327F3F8047A2F47ECA1AB4EE3423607A2 ft=1 fh=934df92b3c7f3940 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\Temp\nsmEF8B.tmp\Helper.dll"
sh=1A1FBE219B280494DAD078D673575D27DC8D1610 ft=1 fh=f5c8e958d12001c5 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\Temp\nstE038.tmp\Helper.dll"
sh=DFB17FD98C37594BDD308479068492297EDB28F7 ft=1 fh=fa1ccee1e1a4e00a vn="Win32/Soffer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\Temp\nstE038.tmp\soffer.dll"
sh=2BAD29AF5BF67D28FE227BB1A131CD4489BDC921 ft=1 fh=e6225e5a29697b8b vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\Temp\nsz6D86.tmp\Helper.dll"
sh=048B69C63657E54010E6AA3DD2292551449C9D09 ft=1 fh=e6cad54760fcbc1b vn="Win32/AdWare.Bandoo.AD Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\VirtualStore\Program Files (x86)\Music Toolbar\Datamngr\setmgrc1.cfg"
sh=6D8FEC44B841B77134FB207DA53F4C2430F20F95 ft=1 fh=ff93020162e1a767 vn="Win64/Adware.Bandoo.A Anwendung" ac=I fn="C:\Users\Lorenz\AppData\Local\VirtualStore\Program Files (x86)\Music Toolbar\Datamngr\x64\setmgrc1.cfg"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="G:\Instalationsprogramme\Youtube to MP3\FreeYouTubeToMP3Converter31126.exe"
         
Code:
 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
  Adobe Flash Player 	11.9.900.170 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1) 
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Symantec Norton Online Backup NOBuAgent.exe  
 Symantec Norton Online Backup NOBuClient.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Julian (administrator) on MEYER-BÜRO on 12-06-2014 21:28:13
Running from C:\Users\Julian\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-15] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications))
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Julian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2013-12-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {b49cc01e-def8-11e2-be6a-806e6f6e6963} - "F:\PC/TINspireStudent_Setup.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {ba2b81f8-73d2-11e3-be80-24fd52914648} - "H:\cdstart.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1001\...\MountPoints2: {f9d10030-78ef-11e3-be86-24fd52914648} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1004\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3822500206-1761141436-4080005568-1004\...\MountPoints2: {ba2b81f8-73d2-11e3-be80-24fd52914648} - "H:\cdstart.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1005\...\MountPoints2: {b49cc01e-def8-11e2-be6a-806e6f6e6963} - "F:\PC/TINspireStudent_Setup.exe" 
HKU\S-1-5-21-3822500206-1761141436-4080005568-1005\...\MountPoints2: {ba2b81f8-73d2-11e3-be80-24fd52914648} - "H:\cdstart.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Remote.lnk
ShortcutTarget: Acer Remote.lnk -> C:\Program Files (x86)\Acer Remote\ArcServer.exe (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {68E5EF68-B9A0-4FB3-832B-02FE42F92452} URL = 
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\battlefieldplay4free@ea.com [2014-05-26]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\iyowj2me.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-23]
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Norton Identity Protection) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-21]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2014-05-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468240 2013-04-23] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
U3 EraserUtilDrv11313; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [142128 2014-06-11] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [41504 2014-01-23] (LogMeIn Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140611.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-25] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140612.006\ENG64.SYS [126040 2014-04-10] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140612.006\EX64.SYS [2099288 2014-04-10] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-12 21:28 - 2014-06-12 21:28 - 00000000 ____D () C:\Users\Julian\Downloads\FRST-OlderVersion
2014-06-12 16:41 - 2014-06-12 16:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 16:40 - 2014-06-12 16:40 - 00854367 _____ () C:\Users\Julian\Downloads\SecurityCheck.exe
2014-06-12 16:21 - 2014-06-12 16:21 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 16:21 - 2014-06-12 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-12 16:20 - 2014-06-12 16:21 - 00000000 ____D () C:\Users\Julian\AppData\Local\Google
2014-06-12 16:01 - 2014-06-12 16:01 - 02347384 _____ (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_deu.exe
2014-06-05 15:25 - 2014-06-05 15:25 - 00001491 _____ () C:\Users\Julian\Desktop\Adw-cleaner.txt
2014-06-05 15:21 - 2014-06-05 15:21 - 00000704 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-06-05 15:09 - 2014-06-05 15:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-05 15:03 - 2014-06-05 15:03 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe
2014-06-05 14:57 - 2014-06-05 14:59 - 00000000 ____D () C:\AdwCleaner
2014-06-05 14:56 - 2014-06-05 14:56 - 01327971 _____ () C:\Users\Julian\Downloads\adwcleaner_3.211.exe
2014-06-05 14:43 - 2014-06-05 15:24 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 14:43 - 2014-06-05 14:43 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-05 14:43 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-05 14:43 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-05 14:43 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-06-05 14:42 - 2014-06-05 14:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 15:28 - 2014-06-12 21:28 - 00025431 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-04 15:28 - 2014-06-12 21:28 - 00000000 ____D () C:\FRST
2014-06-04 15:28 - 2014-06-04 15:30 - 00042930 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-04 15:27 - 2014-06-12 21:28 - 02081792 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-04 07:19 - 2014-06-04 07:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-02 16:40 - 2014-06-02 16:55 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:11 - 2014-06-01 19:22 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-05-31 11:59 - 2014-05-31 12:12 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:04 - 2014-05-29 15:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-27 15:56 - 2014-05-27 15:57 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:18 - 2014-05-30 08:43 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-26 17:17 - 2014-05-30 08:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-26 17:17 - 2014-05-26 17:24 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:16 - 2014-06-02 14:37 - 00000000 ____D () C:\ProgramData\Origin
2014-05-26 17:16 - 2014-06-01 19:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-26 17:16 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-23 14:51 - 2014-05-23 14:52 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 14:58 - 2014-05-19 15:03 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-14 17:39 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 17:39 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 17:39 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 17:39 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 17:39 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 17:39 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 17:39 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 17:39 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 17:39 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 17:39 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 17:39 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 17:39 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 17:39 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 17:39 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 17:39 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 17:39 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 17:39 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 17:39 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 17:39 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 17:39 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 17:39 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 17:39 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 17:39 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 17:39 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 17:39 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 17:39 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 17:38 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 17:38 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 17:38 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 17:38 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 17:38 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip

==================== One Month Modified Files and Folders =======

2014-06-12 21:28 - 2014-06-12 21:28 - 00000000 ____D () C:\Users\Julian\Downloads\FRST-OlderVersion
2014-06-12 21:28 - 2014-06-04 15:28 - 00025431 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-12 21:28 - 2014-06-04 15:28 - 00000000 ____D () C:\FRST
2014-06-12 21:28 - 2014-06-04 15:27 - 02081792 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-12 21:28 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian\AppData\Local\Temp
2014-06-12 21:25 - 2013-12-25 11:16 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Skype
2014-06-12 20:53 - 2014-05-03 16:42 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-12 20:52 - 2014-01-03 10:50 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-06-12 20:47 - 2013-12-25 11:39 - 01529354 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-12 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-12 19:33 - 2013-11-30 17:20 - 00000000 ____D () C:\Users\Julian\Documents\Bluetooth Folder
2014-06-12 18:53 - 2013-11-30 17:28 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1001
2014-06-12 17:46 - 2013-12-26 13:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 17:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-12 17:46 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-12 16:41 - 2014-06-12 16:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 16:40 - 2014-06-12 16:40 - 00854367 _____ () C:\Users\Julian\Downloads\SecurityCheck.exe
2014-06-12 16:40 - 2013-11-14 09:27 - 00005430 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-12 16:40 - 2013-11-14 09:11 - 02230858 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-12 16:40 - 2013-11-14 09:11 - 00613254 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-12 16:39 - 2013-08-22 16:46 - 00347902 _____ () C:\WINDOWS\setupact.log
2014-06-12 16:21 - 2014-06-12 16:21 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 16:21 - 2014-06-12 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-12 16:21 - 2014-06-12 16:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\Google
2014-06-12 16:20 - 2014-05-03 16:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-12 16:01 - 2014-06-12 16:01 - 02347384 _____ (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_deu.exe
2014-06-12 15:57 - 2014-05-03 16:42 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-12 15:57 - 2014-04-07 11:10 - 00000000 ___RD () C:\Users\Julian\Dropbox
2014-06-12 15:57 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\DropboxMaster
2014-06-12 15:57 - 2014-04-07 11:07 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-06-12 15:17 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen\AppData\Local\Temp
2014-06-12 13:56 - 2014-01-06 17:43 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1009
2014-06-12 12:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-12 10:42 - 2014-01-06 17:35 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{602F6161-675C-4907-9D63-CEC259D56727}
2014-06-11 17:06 - 2013-12-26 14:34 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1005
2014-06-11 17:03 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Temp
2014-06-11 16:53 - 2013-12-26 14:30 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{290EB6E1-06B2-459A-89F9-BD742F51684E}
2014-06-10 21:15 - 2013-12-25 18:05 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-06-10 21:15 - 2013-12-25 12:14 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CDB1D17-374E-47F5-A88E-A278A97AC4A6}
2014-06-05 15:25 - 2014-06-05 15:25 - 00001491 _____ () C:\Users\Julian\Desktop\Adw-cleaner.txt
2014-06-05 15:24 - 2014-06-05 14:43 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 15:23 - 2013-12-24 22:41 - 00000000 ____D () C:\Program Files (x86)\PSPad editor
2014-06-05 15:21 - 2014-06-05 15:21 - 00000704 _____ () C:\Users\Julian\Desktop\JRT.txt
2014-06-05 15:17 - 2013-12-25 11:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-05 15:17 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-05 15:09 - 2014-06-05 15:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-05 15:03 - 2014-06-05 15:03 - 01016261 _____ (Thisisu) C:\Users\Julian\Downloads\JRT.exe
2014-06-05 14:59 - 2014-06-05 14:57 - 00000000 ____D () C:\AdwCleaner
2014-06-05 14:59 - 2013-11-14 00:18 - 00013710 _____ () C:\WINDOWS\PFRO.log
2014-06-05 14:56 - 2014-06-05 14:56 - 01327971 _____ () C:\Users\Julian\Downloads\adwcleaner_3.211.exe
2014-06-05 14:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Cursors
2014-06-05 14:43 - 2014-06-05 14:43 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:43 - 2014-06-05 14:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-05 14:43 - 2014-06-05 14:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 16:42 - 2014-05-08 14:18 - 00000000 ____D () C:\Users\Julian\Documents\TI-Nspire
2014-06-04 15:30 - 2014-06-04 15:28 - 00042930 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-04 14:05 - 2014-02-02 19:33 - 00000000 ____D () C:\Users\Julian\AppData\Local\NPE
2014-06-04 14:05 - 2013-06-27 09:46 - 00000000 ____D () C:\ProgramData\Norton
2014-06-04 07:20 - 2014-06-04 07:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\Julian\Downloads\Malwarebytes Anti Malware - CHIP-Installer.exe
2014-06-03 21:00 - 2014-04-07 11:22 - 00007591 _____ () C:\Users\Julian\AppData\Local\Resmon.ResmonCfg
2014-06-02 16:56 - 2013-12-26 14:28 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment
2014-06-02 16:55 - 2014-06-02 16:40 - 00022528 _____ () C:\Users\Julian\Downloads\Termine SkL Übersicht.xls
2014-06-02 15:42 - 2014-01-14 15:06 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Skype
2014-06-02 14:40 - 2013-12-26 14:30 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\.minecraft
2014-06-02 14:37 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Origin
2014-06-02 14:37 - 2014-01-06 17:59 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\TS3Client
2014-06-02 14:37 - 2014-01-03 12:40 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-06-02 13:49 - 2014-01-30 17:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 20:24 - 2014-06-01 20:24 - 00000000 ____D () C:\Users\Julian\Downloads\Veenhuis_Shuttle
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Users\Julian\AppData\Local\ESN
2014-06-01 20:20 - 2014-06-01 20:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 20:19 - 2014-06-01 20:19 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141(1).exe
2014-06-01 20:16 - 2014-06-01 20:16 - 02247960 _____ () C:\Users\Julian\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-06-01 19:22 - 2014-06-01 19:11 - 00000000 ____D () C:\Users\Jochen\Filme
2014-06-01 19:12 - 2014-05-26 17:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-01 19:11 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Jochen
2014-06-01 07:25 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer
2014-06-01 06:56 - 2014-06-01 06:56 - 00318888 _____ () C:\WINDOWS\Minidump\060114-23796-01.dmp
2014-06-01 06:56 - 2013-12-28 09:55 - 618187811 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-01 06:56 - 2013-12-28 09:55 - 00000000 ____D () C:\WINDOWS\Minidump
2014-05-31 15:59 - 2013-12-27 19:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822500206-1761141436-4080005568-1004
2014-05-31 15:59 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Temp
2014-05-31 15:59 - 2013-12-24 22:48 - 00000000 ____D () C:\Users\Rainer\Documents\Bluetooth Folder
2014-05-31 12:12 - 2014-05-31 11:59 - 55681785 _____ () C:\Users\Julian\Downloads\UNZIP_ME_Fendt936_Fendt927.zip
2014-05-31 07:13 - 2013-08-22 17:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:13 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 19:49 - 2014-05-30 19:49 - 00000202 _____ () C:\Users\Rainer\Desktop\Brother MFC-J4410DW Printer - Verknüpfung.lnk
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Rainer\AppData\Roaming\PC-FAX TX
2014-05-30 19:44 - 2014-01-03 10:51 - 00000232 _____ () C:\WINDOWS\Brpfx04a.ini
2014-05-30 19:42 - 2014-05-30 19:42 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Brother
2014-05-30 19:40 - 2013-12-27 19:05 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F4AF68D-9D58-4E51-93BA-9D577EF1ECC6}
2014-05-30 14:19 - 2013-12-26 12:37 - 00084604 _____ () C:\WINDOWS\DirectX.log
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-30 11:51 - 2014-05-30 11:51 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-30 11:50 - 2014-05-30 11:50 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-30 08:43 - 2014-05-26 17:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-30 08:42 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Origin
2014-05-29 21:12 - 2014-05-08 14:16 - 00000000 ____D () C:\Users\Julian\Documents\Camtasia Studio
2014-05-29 20:11 - 2014-05-29 20:11 - 17266608 _____ (GIANTS Software GmbH) C:\Users\Julian\Downloads\MBTrac1800Intercooler.exe
2014-05-29 20:05 - 2014-05-29 20:05 - 00001412 _____ () C:\Users\Julian\AppData\Local\recently-used.xbel
2014-05-29 20:05 - 2013-12-31 12:30 - 00000000 ____D () C:\Users\Julian\AppData\Local\gtk-2.0
2014-05-29 20:05 - 2013-12-31 12:25 - 00000000 ____D () C:\Users\Julian\.gimp-2.8
2014-05-29 20:02 - 2014-01-06 17:34 - 00000000 ____D () C:\Users\Jochen\Documents\Bluetooth Folder
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Origin
2014-05-29 15:11 - 2014-05-29 15:04 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Origin
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Julian\Desktop\VeenhuisW400
2014-05-29 13:35 - 2013-11-30 17:54 - 00208384 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-05-29 13:08 - 2014-05-29 13:08 - 02747025 _____ () C:\Users\Julian\Downloads\Veenhuis_Shuttle.zip
2014-05-28 14:28 - 2013-12-25 10:31 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\.minecraft
2014-05-28 13:44 - 2014-04-07 11:10 - 00001076 _____ () C:\Users\Julian\Desktop\Dropbox.lnk
2014-05-28 13:44 - 2014-04-07 11:08 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 13:44 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 06:10 - 2013-12-25 11:43 - 00000000 ____D () C:\Users\Julian
2014-05-28 05:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-27 15:57 - 2014-05-27 15:56 - 31112395 _____ () C:\Users\Julian\Downloads\UNPACK_ME.rar
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 17:24 - 2014-05-26 17:24 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 17:24 - 2014-05-26 17:17 - 00000000 ____D () C:\Users\Julian\AppData\Local\Origin
2014-05-26 17:24 - 2014-05-26 17:16 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-26 17:16 - 2014-05-26 17:16 - 00000999 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-05-26 17:15 - 2014-05-26 17:15 - 17009768 _____ (Electronic Arts, Inc.) C:\Users\Julian\Downloads\OriginThinSetup.exe
2014-05-26 14:25 - 2013-12-25 13:56 - 00000000 ____D () C:\Users\Lorenz\Documents\Bluetooth Folder
2014-05-26 13:35 - 2014-05-26 13:35 - 00084000 _____ () C:\Users\Rainer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-26 13:35 - 2014-01-03 11:47 - 00000000 ___RD () C:\Users\Rainer\Documents\Rainer Meyer privat
2014-05-26 13:35 - 2013-12-28 15:51 - 00000000 ____D () C:\Users\Rainer\AppData\Local\Deployment
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 13:33 - 2013-12-24 22:48 - 00000000 ___RD () C:\Users\Rainer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-25 12:35 - 2013-12-25 11:16 - 00000000 ____D () C:\ProgramData\Skype
2014-05-25 12:34 - 2014-03-16 14:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-24 20:37 - 2014-05-24 20:37 - 00000000 ____D () C:\Users\Julian\Desktop\Server
2014-05-24 15:16 - 2014-05-24 15:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 18:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-24 15:16 - 2013-11-30 17:59 - 00002525 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-24 15:16 - 2013-11-30 17:41 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-05-24 15:16 - 2013-11-30 17:41 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-05-23 20:20 - 2014-05-08 16:38 - 00005632 _____ () C:\Users\Julian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 19:38 - 2013-11-30 17:19 - 00000000 ____D () C:\Users\Julian\AppData\Local\VirtualStore
2014-05-23 19:34 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz
2014-05-23 14:52 - 2014-05-23 14:51 - 00754801 _____ () C:\Users\Lorenz\Downloads\DIGDOGS.ZIP
2014-05-19 15:52 - 2014-01-18 18:18 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 15:03 - 2014-05-19 14:58 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Craften Terminal
2014-05-19 14:56 - 2014-05-07 15:57 - 00030720 ___SH () C:\Users\Lorenz\Desktop\Thumbs.db
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Mozilla
2014-05-19 14:51 - 2014-05-19 14:51 - 00000000 ____D () C:\extensions
2014-05-19 14:51 - 2013-12-25 13:55 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\VirtualStore
2014-05-18 15:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-18 14:28 - 2013-12-25 11:01 - 00090962 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 21:07 - 2013-12-25 13:55 - 00000000 ___RD () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 18:48 - 2013-12-25 12:03 - 00000000 ___RD () C:\Users\Julian\SkyDrive
2014-05-16 18:48 - 2013-11-30 17:20 - 00000000 ___RD () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieUserList
2014-05-16 17:25 - 2014-05-16 17:25 - 00000000 __SHD () C:\Users\Jochen\AppData\Local\EmieSiteList
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 17:25 - 2014-01-06 17:33 - 00000000 ___RD () C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 17:24 - 2013-12-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-16 17:05 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 21:10 - 2013-12-24 21:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 21:09 - 2013-12-24 21:29 - 93223848 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 16:08 - 2014-05-14 16:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-14 15:47 - 2014-05-14 15:47 - 00774825 _____ () C:\Users\Julian\Downloads\steamcmd.zip

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Julian\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9fbrlv.dll
C:\Users\Julian\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Julian\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Julian\AppData\Local\Temp\ose00000.exe
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
C:\Users\Julian\AppData\Local\Temp\TINspireCASStudentSoftware-3.6.0.550.exe
C:\Users\Rainer\AppData\Local\Temp\_is346B.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-05 15:40

==================== End Of Log ============================
         


So, this should be everything (even if later than expected :/)
Oops, I just noticed that Flash Player is not up to date... I'll catch up on that at the next opportunity...

Alt 13.06.2014, 15:11   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\extensions
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Please download TFC (by Oldtimer) and save the file on your desktop.
Now close all open programs and disconnect from the internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself, and then remove all traces of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can safely delete them.



If you would like to give praise or criticism, you can do that here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 13.06.2014, 16:16   #11
green_lion
 




Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by Julian at 2014-06-13 17:12:28 Run:1
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog ====
         
The rest will follow shortly, along with a rating and a short question
Just noticed I don't have to post any more logs
Well... when can one expect applicant places to open up again?
That should be settled now

Many thanks again for your help

Edited by green_lion (13.06.2014 at 16:33)
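
Whether FRST read the lines from post #10 can be checked from the "Content of fixlist" echo in the Fixlog, which is empty in the Fixlog posted above. The following is an added example, not part of the original posts and not FRST's own code; the function names are hypothetical, and the non-empty logs are constructed from the posted one.

```python
import re

# The fixlist from post #10 and the Fixlog from post #11, copied from this thread.
EXPECTED_FIXLIST = r"""
C:\extensions
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
"""

POSTED_FIXLOG = r"""
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by Julian at 2014-06-13 17:12:28 Run:1
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog ====
"""

ASTERISK_ROW = re.compile(r"^\*{5,}$")
RAN_BY = re.compile(r"^Ran by (.+) at (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})")


def directives(text):
    """Non-empty, whitespace-trimmed lines of a fixlist."""
    return [ln.strip() for ln in text.splitlines() if ln.strip()]


def parse_fixlog(text):
    """Extract the header fields and the echoed fixlist from a Fixlog."""
    info = {"ran_by": None, "ran_at": None, "running_from": None,
            "fixlist": [], "echo_found": False, "complete": False}
    state = "header"  # header -> await_open -> echo -> results
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("==== End of Fixlog"):
            info["complete"] = True
            break
        if state == "echo":
            if ASTERISK_ROW.match(line):
                state = "results"          # closing asterisk row
            elif line:
                info["fixlist"].append(line)
        elif state == "await_open":
            if ASTERISK_ROW.match(line):   # opening asterisk row
                state = "echo"
                info["echo_found"] = True
        elif state == "header":
            m = RAN_BY.match(line)
            if m:
                info["ran_by"], info["ran_at"] = m.groups()
            elif line.startswith("Running from "):
                info["running_from"] = line[len("Running from "):]
            elif line.startswith("Content of fixlist:"):
                state = "await_open"
    return info


def check_fix(expected_text, fixlog_text):
    """Compare the fixlist that was handed out with what the Fixlog echoes."""
    info = parse_fixlog(fixlog_text)
    expected = directives(expected_text)
    echoed = {d.casefold() for d in info["fixlist"]}
    wanted = {d.casefold() for d in expected}
    missing = [d for d in expected if d.casefold() not in echoed]
    unexpected = [d for d in info["fixlist"] if d.casefold() not in wanted]
    if not info["complete"] or not info["echo_found"]:
        verdict = "truncated-log"
    elif not info["fixlist"]:
        verdict = "empty-fixlist"
    elif missing or unexpected:
        verdict = "mismatch"
    else:
        verdict = "ok"
    return {"verdict": verdict, "missing": missing, "unexpected": unexpected,
            "running_from": info["running_from"], "ran_at": info["ran_at"]}


def constructed_fixlog(echoed_lines):
    """Constructed variant of POSTED_FIXLOG whose echo section holds echoed_lines."""
    head = POSTED_FIXLOG.split("Content of fixlist:")[0]
    row = "*" * 17
    return "\n".join([head + "Content of fixlist:", row, *echoed_lines, row,
                      "", "==== End of Fixlog ===="]) + "\n"


if __name__ == "__main__":
    wanted = directives(EXPECTED_FIXLIST)
    cases = [("posted", POSTED_FIXLOG),
             ("constructed, full echo", constructed_fixlog(wanted)),
             ("constructed, first line only", constructed_fixlog(wanted[:1]))]
    for name, log in cases:
        result = check_fix(EXPECTED_FIXLIST, log)
        print(f"{name}: {result['verdict']} (FRST ran from {result['running_from']})")
        for d in result["missing"]:
            print("  not in the echoed fixlist:", d)
```

The report also carries the "Running from" directory, which can be compared with the place where Fixlist.txt was saved.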

Alt 14.06.2014, 15:12   #12
schrauber
/// the machine
/// TB-Ausbilder
 




Can't really say; just check the relevant thread every now and then.

You're welcome
__________________
Regards,
schrauber


Alt 22.06.2014, 18:40   #13
green_lion
 




So, I'd also like to have our laptop scanned as well

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-06-2014 01
Ran by Benutzer at 2014-06-22 19:32:41
Running from C:\Users\Benutzer\Desktop\Trojaner Board Anwendungen
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.233 - Adobe Systems Incorporated)
Adobe Reader 8.1.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81300000003}) (Version: 8.1.4 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.4.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.2.23821 - Ask.com) <==== ATTENTION
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0007 - ASUS)
ASUS Data Security Manager (HKLM\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0006 - ASUS)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.10 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.6 - ASUS)
ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.18 - ASUS)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0005 - ASUS)
ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version:  - )
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{5EB5EEA7-6432-5827-0080-899DA70A97BA}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0012 - ATK)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0000 - ASUS)
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO TurboUSB for FLASH/HDD (HKLM\...\UN070618) (Version:  - )
Bus-Simulator 2009 (HKLM\...\Bus-Simulator 2009_is1) (Version:  - astragon Software GmbH)
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.0.20 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
Catalyst Control Center Core Implementation (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0309.2141.36947 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Czech (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Danish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Dutch (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help English (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Finnish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help French (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help German (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Greek (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Italian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Japanese (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Korean (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Polish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Russian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Spanish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Swedish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Thai (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Turkish (Version: 2008.0309.2140.36947 - ATI) Hidden
ccc-Branding (HKLM\...\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0309.2141.36947 - ATI) Hidden
ccc-utility (Version: 2008.0309.2141.36947 - ATI) Hidden
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.2908 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.1924 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DDBAC (HKLM\...\{F161B4FF-3976-4917-BD27-CA28C95A13AE}) (Version: 5.3.0 - DataDesign)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version:  - )
Die*Sims™*3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
DVDVideoSoftTB DE Toolbar (HKLM\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.8.9.0 - DVDVideoSoftTB DE)
ElsterFormular (HKLM\...\ElsterFormular 11.2.0.4074) (Version: 11.2.0.4074 - Landesfinanzdirektion Thüringen)
Exif-Viewer 2.51  (HKLM\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Express Gate (HKLM\...\{27D51A76-371D-48B6-B06E-4137A15B7583}) (Version: 0.7.7.0 - devicevm)
FlightGear 2.10.0.3 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
Gehirnjogging 3 (HKLM\...\Gehirnjogging 3) (Version: 6.3 - SBT)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Green Line 1 Sprachtrainer (HKLM\...\{BC1ECCD7-EE86-4231-AF1B-6E52B49A4532}) (Version: 1.00.000 - Klett)
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
IMinent Toolbar (HKLM\...\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}) (Version: 3.26.0 - IMinent) <==== ATTENTION
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_15 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142150}) (Version: 1.4.2_15 - Sun Microsystems, Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LADSPA_plugins-win-0.4.15 (HKLM\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM\...\{611ED207-22E5-4543-B9D3-E73096759A4F}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver (HKLM\...\{D30E4145-9120-4497-AD35-F78482C3CF88}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM\...\{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}) (Version: 2.0.108.0 - LEGO)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MyDriveConnect 3.3.0.1502 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
Norton Internet Security (HKLM\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
phase-6 2.3.2b (HKLM\...\phase-6) (Version: 2.3.2b - phase-6)
Pivot Stickfigure Animator (HKLM\...\{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}) (Version: 2.2.5 - Peter Bone)
QuickShare (HKLM\...\{B3742C7A-A0FF-42FE-968D-1D5EFDEBA63A}) (Version: 1.6.1.950 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM\...\QuickTime) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5543 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Rossmann Fotoservice 2.6 (HKLM\...\Rossmann Fotoservice_is1) (Version:  - )
Rossmann Fotowelt Software 4.12.1 (HKLM\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Rossmann Online Print Wizard Installer 1.0 (HKLM\...\Rossmannr Online Print Wizard Installer_is1) (Version:  - )
Skins (Version: 2008.0309.2141.36947 - ATI) Hidden
Skiregion Simulator 2012 (HKLM\...\SkiRegionSimulator2012DE_is1) (Version: 1.0 - GIANTS Software)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sprachtrainer Fonts (HKLM\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Star Wars: The Old Republic (HKLM\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Sven XXX - XXL (HKLM\...\{BE5D79E8-0B8E-4E97-97E1-3CDEBAB2DEB1}) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
TI-Nspire CAS Student Software (HKLM\...\TI-Nspire CAS Student Software) (Version: 3.1.0.392 - Texas Instruments)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
USB2.0 UVC 1.3M WebCam (HKLM\...\USB2.0 UVC 1.3M WebCam) (Version:  - )
Virtual DJ Toolbar (HKLM\...\{56444A2D-5637-006A-76A7-A758B70C0A00}) (Version: 12.10.0.2910 - APN, LLC)
VirtualDJ Home FREE (HKLM\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)
XAMPP (HKLM\...\xampp) (Version: 1.8.2-1 - BitNami)
Zahlenbuch 2 (HKLM\...\Zahlenbuch 2) (Version:  - )
Zahlenbuch 3 (HKLM\...\{ED587EAA-3462-4C77-9E24-BCA340EC8B03}_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

17-04-2014 09:58:36 Geplanter Prüfpunkt
19-04-2014 12:24:08 Geplanter Prüfpunkt
26-04-2014 09:50:09 Geplanter Prüfpunkt
22-06-2014 10:04:18 Gerätetreiber-Paketinstallation: TomTom Netzwerkadapter
22-06-2014 11:24:23 Removed Babylon Chrome Toolbar

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {040A10A5-0249-4C66-BE3C-3076F1048A90} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {0E7F0BB8-B369-468D-AC1C-7222F140AA6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-11] (Google Inc.)
Task: {15DE8411-F1BC-46C7-952A-9919FF953B79} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {21822DE4-81ED-4E4A-9EF3-4157D3629614} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-06-18] (ASUS)
Task: {28FC0DED-36D4-4665-9384-8A126D2BE180} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {947B502F-8896-44F9-B9B3-1E3BB90636F6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A673284B-26B7-4D70-B030-3E6E4FE3A8F5} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {A96DF3F8-09CC-4D3C-8CB8-05FE8A1507D5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B4D23D6A-5F78-4914-A565-66C945DDF0A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-11] (Google Inc.)
Task: {CCF966C5-36A6-4344-9562-8DA478984882} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {D4E76511-B795-4B52-9104-5A784DBFE5A1} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {E20B1106-760A-47DC-B48D-C94F8154BFE8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-09-28 21:31 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
2008-09-28 21:31 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
2008-02-04 22:29 - 2008-02-04 22:29 - 00688128 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2012-04-09 17:13 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2008-09-28 21:31 - 2007-05-18 11:31 - 00073728 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
2008-09-28 21:10 - 2007-02-06 03:13 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2008-09-28 21:31 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2008-03-09 16:01 - 2008-03-09 16:01 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-09-28 21:33 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2008-09-28 21:10 - 2004-05-28 03:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2008-09-28 21:11 - 2007-01-18 04:26 - 07708672 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2008-09-28 21:17 - 2007-07-06 01:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2008-09-28 21:10 - 2006-12-19 02:26 - 02420736 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2008-09-28 21:10 - 2007-04-17 22:39 - 00077824 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2008-09-28 21:35 - 2007-08-03 21:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2008-09-28 21:35 - 2007-09-14 19:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2008-09-28 21:35 - 2003-11-28 11:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2008-09-28 21:35 - 2005-08-30 00:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2008-09-28 21:35 - 2003-09-10 01:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
2008-09-28 21:35 - 2006-04-04 19:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
2008-09-28 21:35 - 2005-04-08 04:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2008-07-19 04:52 - 2008-07-19 04:52 - 00649704 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2008-09-28 21:38 - 2008-09-28 21:38 - 00033136 _____ () C:\Windows\ASScrPro.exe
2007-07-12 22:55 - 2007-07-12 22:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 22:59 - 2007-08-14 22:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 22:55 - 2007-07-12 22:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00032024 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00044312 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00018712 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00111896 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 01703704 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00078104 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00012568 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00662296 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00081176 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00013592 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00016152 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00019736 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00021272 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00057112 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00013592 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
2013-05-31 21:08 - 2013-05-31 21:08 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00014104 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00051480 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-05-12 12:58 - 2013-05-12 12:58 - 00047384 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-05-12 12:57 - 2013-05-12 12:57 - 00025368 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-05-12 12:59 - 2013-05-12 12:59 - 00025368 _____ () C:\Users\Benutzer\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-12-14 17:40 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Benutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2007-03-07 02:03 - 2007-03-07 02:03 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-03-17 12:59 - 2014-03-17 12:59 - 00026488 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00082808 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00357752 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2008-10-15 01:03 - 2008-10-15 01:03 - 03076096 _____ () c:\program files\adobe\reader 8.0\reader\rdlang32.deu
2007-05-11 02:54 - 2007-05-11 02:54 - 00036864 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Spelling.DEU
2007-05-11 02:53 - 2007-05-11 02:53 - 00974848 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\PPKLite.DEU
2007-05-11 02:50 - 2007-05-11 02:50 - 00077824 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Accessibility.DEU
2007-05-11 02:50 - 2007-05-11 02:50 - 00811008 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm.DEU
2007-05-11 02:51 - 2007-05-11 02:51 - 01224704 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annots.DEU
2007-05-11 02:51 - 2007-05-11 02:51 - 00192512 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Checkers.DEU
2007-05-11 02:51 - 2007-05-11 02:51 - 00221184 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\DigSig.DEU
2006-10-23 01:30 - 2006-10-23 01:30 - 00028672 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\eBook.DEU
2008-01-11 21:49 - 2008-01-11 21:49 - 00098304 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EScript.DEU
2007-05-11 02:52 - 2007-05-11 02:52 - 00006656 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EWH32.DEU
2006-10-23 01:31 - 2006-10-23 01:31 - 00013312 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\HLS.DEU
2007-05-11 02:52 - 2007-05-11 02:52 - 00086016 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\MakeAccessible.DEU
2007-05-11 02:52 - 2007-05-11 02:52 - 00159744 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia.DEU
2006-10-23 01:32 - 2006-10-23 01:32 - 00011264 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\PDDom.DEU
2007-05-11 02:53 - 2007-05-11 02:53 - 00013312 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ReadOutLoud.DEU
2006-10-23 01:33 - 2006-10-23 01:33 - 00008192 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\reflow.DEU
2007-05-11 02:53 - 2007-05-11 02:53 - 00028672 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SaveAsRTF.DEU
2007-05-11 02:54 - 2007-05-11 02:54 - 00053248 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search.DEU
2006-10-23 01:33 - 2006-10-23 01:33 - 00012288 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search5.DEU
2007-05-11 02:54 - 2007-05-11 02:54 - 00026112 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SendMail.DEU
2006-10-23 01:34 - 2006-10-23 01:34 - 00005120 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Updater.DEU
2007-05-11 02:55 - 2007-05-11 02:55 - 00053248 _____ () C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\weblink.DEU
2007-01-13 03:01 - 2007-01-13 03:01 - 00397312 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
2007-01-13 03:01 - 2007-01-13 03:01 - 00475136 ____R () C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{495F68CD-5040-4115-9016-0DCA28777065}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun-Miniportadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2014 07:17:31 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTONDATA\21.0.0.100\DEFINITIONS\VIRUSDEFS\TMP1458.TMP\STREAM.DIS> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/22/2014 02:14:43 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTONDATA\21.0.0.100\DEFINITIONS\VIRUSDEFS\TMP2C97.TMP\STREAM.DIS> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/22/2014 00:53:55 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTONDATA\21.0.0.100\DEFINITIONS\VIRUSDEFS\TMP6EBC.TMP\STREAM.DIS> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/22/2014 11:48:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2014 01:38:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16450 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: cc8
Anfangszeit: 01cf8c7c013f7c2d
Zeitpunkt der Beendigung: 26

Error: (06/20/2014 01:34:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2014 10:30:53 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (06/19/2014 10:13:53 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\35.0.1916.153\LOCALES\EN-US.PAK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/19/2014 10:13:53 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\35.0.1916.153\LOCALES\EN-GB.PAK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/19/2014 10:13:53 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\PROGRAM FILES\GOOGLE\CHROME\APPLICATION\35.0.1916.153\LOCALES\EL.PAK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (06/22/2014 11:52:02 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/22/2014 11:51:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000IPBusEnum

Error: (06/22/2014 11:50:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/22/2014 11:48:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: mysql%%3

Error: (06/22/2014 11:48:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apache2.4%%3

Error: (06/22/2014 11:48:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/20/2014 01:38:41 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/20/2014 01:36:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/20/2014 01:34:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: mysql%%3

Error: (06/20/2014 01:34:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apache2.4%%3


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-22 19:32:11.214
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:32:10.513
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:32:09.715
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:32:08.985
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:31:46.675
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:31:45.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:31:44.378
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-22 19:31:43.642
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-18 17:34:28.133
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-18 17:34:27.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 3070.54 MB
Available physical RAM: 1431.73 MB
Total Pagefile: 6343.34 MB
Available Pagefile: 4763.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.28 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:60.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:139.28 GB) (Free:139.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=10 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-06-2014 01
Ran by Benutzer (administrator) on BENUTZER-PC on 22-06-2014 19:30:52
Running from C:\Users\Benutzer\Desktop\Trojaner Board Anwendungen
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\nis.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\nis.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(LogMeIn Inc.) C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\hamachi-2.exe
(LogMeIn, Inc.) C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\System32\ASUSTPE.exe
() C:\Windows\ASScrPro.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Smartbar) C:\Users\Benutzer\AppData\Local\Smartbar\Application\QuickShare.exe
() C:\Users\Benutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-14] (CyberLink Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4853760 2008-01-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2008-06-25] (ASUS)
HKLM\...\Run: [ASUSTPE] => C:\Windows\system32\ASUSTPE.exe [106496 2007-10-12] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2008-09-28] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2008-09-28] ()
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => "C:\Program Files\Ask.com\Updater\Updater.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [358472 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [1809992 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [3649096 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [ApnTBMon] => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Benutzer\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-05-12] (Smartbar)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [DAEMON Tools Lite] => "I:\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [Amazon Cloud Player] => C:\Users\Benutzer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {28828199-9aca-11de-9762-002354106daf} - G:\Launcher.exe
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {28c884d8-020a-11df-8200-002354106daf} - H:\LaunchU3.exe -a
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {2b0d6691-65b5-11e3-b1da-002354106daf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {55a440e8-ff87-11e2-97cc-002354106daf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {e9bf7021-2fe1-11e3-8663-002354106daf} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1995907402-2643437171-1976029676-1000\...\MountPoints2: {ed4bc99a-2348-11e3-a2c1-002354106daf} - F:\cdstart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\phase-6\reminder\reminder.exe (phase-6)
ShellIconOverlayIdentifiers: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
URLSearchHook: HKLM - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
URLSearchHook: HKCU - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKCU - DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKCU - bProtectorDefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Virtual DJ Toolbar - {56444A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\VDJ-V7\Passport.dll" No File
BHO: TBSB01620 Class - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll No File
Toolbar: HKLM - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Virtual DJ Toolbar - {56444A2D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\VDJ-V7\Passport.dll" No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKCU - DVDVideoSoftTB DE Toolbar - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://www.olb.de/olb_fb3_1867b/plugin/AXFOAM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_15-windows-i586.cab
DPF: {C752FF21-A8EF-468E-B507-5BBAFB84359E} https://hbciweb.olb.de/financebrowser5/plugin/Signlet-Plugin.CAB
DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-03]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-06-22]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-06]
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF Extension: BrowserProtect - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012-12-17]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR NewTab: "chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.137\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (QuickShare Widget) - C:\Users\Benutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-06-01]
CHR Extension: (Skype Click to Call) - C:\Users\Benutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-08]
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Benutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-12-15]
CHR Extension: (Google Wallet) - C:\Users\Benutzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-25]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2012-12-17]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Benutzer\AppData\Local\Smartbar/Application\1Extension.crx [2013-05-12]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-05-12]

========================== Services (Whitelisted) =================

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] () [File not signed]
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-17] (APN LLC.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Hamachi2Svc; C:\Users\Benutzer\PRIVAT\Julian Übungsaufgaben u.Schule\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 Apache2.4; "I:\xampp\xampp\apache\bin\httpd.exe" -k runservice [X]
S2 mysql; I:\xampp\xampp\mysql\bin\mysqld.exe --defaults-file=i:\xampp\xampp\mysql\bin\my.ini mysql

==================== Drivers (Whitelisted) ====================

R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [29752 2007-08-11] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
S3 bfturboh; C:\Windows\System32\drivers\bfturboh.sys [17280 2008-07-22] (BUFFALO INC.) [File not signed]
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140606.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1503000.00C\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-21] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-09-22] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-11] (Symantec Corporation)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140620.001\IDSvix86.sys [395992 2014-03-26] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-23] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-23] (Logitech Inc.)
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140621.001\NAVENG.SYS [93272 2013-12-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140621.001\NAVEX15.SYS [1612376 2013-12-06] (Symantec Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1772544 2008-05-13] ()
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1503000.00C\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1503000.00C\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1503000.00C\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1503000.00C\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1503000.00C\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1503000.00C\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [122752 2010-03-29] (Texas Instruments)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-21] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-22 19:29 - 2014-06-22 19:31 - 00000000 ____D () C:\FRST
2014-06-22 12:05 - 2014-06-22 12:05 - 00000000 ____D () C:\Users\Benutzer\AppData\Local\TomTom
2014-06-22 12:05 - 2014-06-22 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Windows\LastGood
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Program Files\TomTom International B.V
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Program Files\MyDrive Connect
2014-05-26 20:47 - 2014-05-26 20:47 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

2014-06-22 19:31 - 2014-06-22 19:29 - 00000000 ____D () C:\FRST
2014-06-22 19:22 - 2010-12-11 16:16 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 18:46 - 2012-04-24 16:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-22 17:46 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 17:46 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 12:07 - 2006-11-02 12:33 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 12:05 - 2014-06-22 12:05 - 00000000 ____D () C:\Users\Benutzer\AppData\Local\TomTom
2014-06-22 12:05 - 2014-06-22 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Windows\LastGood
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Program Files\TomTom International B.V
2014-06-22 12:04 - 2014-06-22 12:04 - 00000000 ____D () C:\Program Files\MyDrive Connect
2014-06-22 12:04 - 2008-12-15 20:41 - 00000000 ____D () C:\Users\Benutzer
2014-06-22 12:00 - 2011-03-16 17:59 - 00000000 ____D () C:\Users\Benutzer\Desktop\Julian
2014-06-22 11:56 - 2008-09-28 19:40 - 01547081 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 11:49 - 2012-04-10 16:39 - 00000000 ____D () C:\Users\Benutzer\AppData\Local\LogMeIn Hamachi
2014-06-22 11:46 - 2010-12-11 16:16 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-22 11:46 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 14:21 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-18 20:16 - 2012-07-16 13:23 - 00000000 ____D () C:\Users\Benutzer\Documents\VirtualDJ
2014-06-18 16:49 - 2012-05-11 20:28 - 00000000 ____D () C:\Users\Benutzer\AppData\Roaming\Skype
2014-06-18 16:41 - 2012-12-18 15:49 - 00000000 ____D () C:\Users\Benutzer\AppData\Local\CrashDumps
2014-06-15 19:20 - 2008-01-21 04:47 - 01681756 _____ () C:\Windows\PFRO.log
2014-05-31 17:50 - 2008-12-25 14:00 - 00089088 _____ () C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-30 20:19 - 2009-04-20 21:01 - 00000000 ____D () C:\Users\Benutzer\Fotos
2014-05-26 20:47 - 2014-05-26 20:47 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-26 20:47 - 2013-01-26 18:42 - 00000000 ___RD () C:\Program Files\Skype
2014-05-26 20:47 - 2012-05-11 20:27 - 00000000 ____D () C:\ProgramData\Skype
2014-05-26 20:42 - 2012-12-05 19:53 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-05-26 20:41 - 2013-12-06 14:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-25 13:01 - 2012-12-20 17:31 - 00000000 ____D () C:\Users\Benutzer\AppData\Roaming\.minecraft

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad


Some content of TEMP:
====================
C:\Users\Benutzer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Benutzer\AppData\Local\Temp\i4jdel1.exe
C:\Users\Benutzer\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.2-R1.0-b2879jnks.dll
C:\Users\Benutzer\AppData\Local\Temp\lgps_lgps.exe
C:\Users\Benutzer\AppData\Local\Temp\uninst1.exe
C:\Users\Benutzer\AppData\Local\Temp\w8fbkszf.dll
C:\Users\Benutzer\AppData\Local\Temp\{4CD36E83-80A2-4204-88C7-3EF4A9650E04}-32.0.1700.76_chrome_installer.exe
C:\Users\Benutzer\AppData\Local\Temp\{6210E994-1BE6-413B-90C7-1DBC5C056D01}-32.0.1700.76_31.0.1650.63_chrome_updater.exe
C:\Users\Benutzer\AppData\Local\Temp\{8663161A-6E2C-484B-9F10-E5CC905C4BD0}-35.0.1916.114_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-22 11:56

==================== End Of Log ============================
         
--- --- ---


If I've been paying attention, I guess I should uninstall the programs
that have a --->Attention after their name with Revo Uninstaller, or first via the Control Panel. Or am I wrong about that?

Regards, green_lion
__________________
My computer
-->http://www.sysprofile.de/id184112

Alt 23.06.2014, 15:31   #14
schrauber
/// the machine
/// TB-Ausbilder
 



Quote:
If I've been paying attention, I guess I should uninstall the programs
that have a --->Attention after their name with Revo Uninstaller, or first via the Control Panel. Or am I wrong about that?
Exactly that.


After that:

Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
