Trojaner-Board - Windows Sidebar ohne Grafiken und Internetverbindung (WLAN) erst nach Minuten

FRST.txt

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01

Ran by Nutzer (administrator) on Nutzer-PC on 13-12-2013 11:17:02

Running from C:\Users\Nutzer\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Flux Software LLC) C:\Users\Nutzer\AppData\Local\FluxSoftware\Flux\flux.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe

(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe

(ASUS) C:\Windows\AsScrPro.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Trend Micro Inc.) C:\Users\Nutzer\Downloads\HijackThis.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe

(Oracle Corporation) D:\VirtualBox\VBoxSVC.exe

(Oracle Corporation) D:\VirtualBox\VirtualBox.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Communications)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations)

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [AdobeBridge] - [x]

HKCU\...\Run: [F.lux] - C:\Users\Nutzer\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

MountPoints2: {e48c3eeb-1e85-11e2-a7e0-fb90928592d6} - E:\setup.exe

HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [3331312 2012-02-24] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)

HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)

HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)

HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-06] (AVAST Software)

HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\bd8b5be3-5c9e-458d-9149-36c4c4f4f270.exe /check

AppInit_DLLs: C:\Windows\System32\nvinitx.dll [260416 2012-03-04] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214848 2012-03-04] (NVIDIA Corporation)

Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=ds&q={searchTerms}&installDate={installDate}

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=hp&installDate={installDate}

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=ds&q={searchTerms}&installDate={installDate}

SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=b5407523-9d30-4afa-ade6-2dcf8cf63eec&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=b5407523-9d30-4afa-ade6-2dcf8cf63eec&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=ds&q={searchTerms}&installDate={installDate}

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=ds&q={searchTerms}&installDate={installDate}

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\..\Interfaces\{952061AE-52BE-43CD-A0C4-ED203E4903FF}: [NameServer]192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default

FF DefaultSearchEngine: Google

FF SelectedSearchEngine: Google

FF Homepage: google.de

FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=b5407523-9d30-4afa-ade6-2dcf8cf63eec&affid=111583&searchtype=ds&babsrc=lnkry&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\searchplugins\Web Search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: DownloadHelper - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF Extension: Block site - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}

FF Extension: firebug - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\Extensions\firebug@software.joehewitt.com.xpi

FF Extension: sharemenot - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\Extensions\sharemenot@franziroesner.com.xpi

FF Extension: YoutubeDownloader - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
 

==================== Services (Whitelisted) =================
 

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-17] (ASUS)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-06] (AVAST Software)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)

R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros)

S4 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
 

==================== Drivers (Whitelisted) ====================
 

R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)

R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider)

R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider)

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-06] (AVAST Software)

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-06] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-06] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-06] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-06] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-06] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-06] ()

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-10] (DT Soft Ltd)

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )

S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [106040 2009-03-12] (AhnLab, Inc.)

S3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [180280 2009-08-18] (AhnLab, Inc.)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-12-13 11:17 - 2013-12-13 11:17 - 00018960 _____ C:\Users\Nutzer\Downloads\FRST.txt

2013-12-13 11:16 - 2013-12-13 11:16 - 00000000 ____D C:\FRST

2013-12-13 11:15 - 2013-12-13 11:16 - 01927462 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe

2013-12-13 08:45 - 2013-12-13 08:46 - 00014753 _____ C:\Users\Nutzer\Downloads\hijackthis.log

2013-12-13 08:45 - 2013-12-13 08:45 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nutzer\Downloads\HijackThis.exe

2013-12-12 09:24 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-12-12 09:24 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-12-12 09:24 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-12-12 09:24 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-12-12 09:23 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-12 09:23 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-12-12 09:23 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-12-12 09:23 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-12 09:23 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-12-12 09:23 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-12-12 09:23 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-12 09:23 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-12-12 09:23 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-12-12 09:23 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-12-12 09:23 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-12-12 09:23 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-12-12 09:23 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-12-12 09:23 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-12-12 09:23 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-12 09:23 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-12 09:23 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-12-12 09:23 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-12-12 09:23 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-12-12 09:23 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-12-12 09:23 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-12 09:23 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-12-12 09:23 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-12 09:23 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-12 09:23 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-12 09:23 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-12-12 09:23 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-12-12 09:23 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-12 09:23 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-12 09:22 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-12 09:22 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-12 09:21 - 2013-12-12 09:21 - 00000000 ___RD C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2013-12-11 12:06 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-11 12:06 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-11 12:06 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-12-11 12:06 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-12-11 12:06 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-11 12:06 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-11 12:06 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-11 12:06 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-11 12:06 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-11 12:05 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-11 12:05 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-11 12:05 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2013-12-11 12:05 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-11 12:05 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2013-12-11 12:05 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-11 12:05 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2013-12-11 12:05 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-11 12:05 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2013-12-11 12:05 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-10 16:45 - 2013-12-10 16:46 - 00021035 _____ C:\Users\Nutzer\Documents\UStVA2013_11_November_Alexander_Fink.elfo

2013-12-09 10:46 - 2013-12-09 10:46 - 701790564 _____ C:\Windows\MEMORY.DMP

2013-12-09 10:46 - 2013-12-09 10:46 - 00289592 _____ C:\Windows\Minidump\120913-59545-01.dmp

2013-12-09 10:46 - 2013-12-09 10:46 - 00000000 ____D C:\Windows\Minidump

2013-12-09 04:08 - 2013-12-09 04:08 - 00243766 _____ C:\Users\Nutzer\Downloads\www.rofl.to_statement.avi

2013-12-06 21:27 - 2013-12-06 21:27 - 00002026 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk

2013-12-06 21:27 - 2013-12-06 21:27 - 00001966 _____ C:\Users\Public\Desktop\avast! Pro Antivirus.lnk

2013-12-06 21:27 - 2013-12-06 21:27 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\AVAST Software

2013-12-06 21:26 - 2013-12-06 21:26 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-12-06 21:26 - 2013-12-06 21:26 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-12-06 21:26 - 2013-12-06 21:26 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2013-12-06 21:18 - 2013-12-06 21:18 - 04733592 _____ (AVAST Software) C:\Users\Nutzer\Downloads\avast_pro_antivirus_setup_online.exe

2013-12-06 21:03 - 2013-12-06 21:03 - 00350080 _____ (AVAST Software) C:\Users\Nutzer\Downloads\avastclear.exe

2013-11-29 18:58 - 2013-11-29 18:58 - 00944207 _____ (Benichou Software                                           ) C:\Users\Nutzer\Downloads\ITNConvSetup.exe

2013-11-29 18:58 - 2013-11-29 18:58 - 00001041 _____ C:\Users\Public\Desktop\ITN Converter.lnk

2013-11-29 18:58 - 2013-11-29 18:58 - 00000000 ____D C:\Program Files (x86)\ITN Converter

2013-11-29 14:48 - 2013-11-29 14:48 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royaltek

2013-11-29 14:48 - 2013-11-29 14:48 - 00000000 ____D C:\Program Files (x86)\RoyalTek

2013-11-29 14:47 - 2013-11-29 14:47 - 00941691 _____ C:\Users\Nutzer\Downloads\RBT-2001 driver.zip

2013-11-27 22:10 - 2013-11-27 22:10 - 00000000 ____D C:\Users\Nutzer\Eigene Routen

2013-11-27 21:35 - 2013-11-27 22:08 - 00000000 ____D C:\Users\Nutzer\.hgt

2013-11-27 21:35 - 2013-11-27 21:35 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouteConverter

2013-11-27 21:35 - 2013-11-27 21:35 - 00000000 ____D C:\Users\Nutzer\.swt

2013-11-23 16:44 - 2013-11-23 16:44 - 00205262 _____ C:\Users\Nutzer\Downloads\Odin Multi Downloader v4.43.zip

2013-11-23 16:43 - 2013-11-23 16:43 - 00549408 _____ C:\Users\Nutzer\Downloads\bootloader.zip

2013-11-23 16:43 - 2013-11-23 16:43 - 00000225 _____ C:\Users\Nutzer\Downloads\AriesVE.zip

2013-11-23 16:26 - 2013-11-23 16:31 - 134368798 _____ C:\Users\Nutzer\Downloads\cm-9-20120920-ivendor-ariesve-rc2.zip

2013-11-23 16:26 - 2013-11-23 16:29 - 52048746 _____ C:\Users\Nutzer\Downloads\gapps-ics-20120429-signed.zip

2013-11-23 15:54 - 2013-11-23 15:54 - 04100578 _____ C:\Users\Nutzer\Downloads\CWM5504-CM9-recovery.zip

2013-11-23 15:53 - 2013-11-23 15:54 - 08123763 _____ C:\Users\Nutzer\Downloads\9001_stock_recovery-signed.zip

2013-11-23 15:44 - 2013-11-23 16:05 - 261557919 _____ C:\Users\Nutzer\Downloads\I9001BUKP2_I9001VD2KP1_VD2.zip

2013-11-23 15:43 - 2013-11-23 15:44 - 24095694 _____ C:\Users\Nutzer\Downloads\Samsung USB Driver 2.1.0.1195.zip

2013-11-23 15:43 - 2013-11-23 15:43 - 00000132 _____ C:\Users\Nutzer\Downloads\AriesVE.ops.txt

2013-11-22 13:15 - 2013-11-22 13:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf

2013-11-22 13:11 - 2013-11-22 13:11 - 00518368 _____ C:\Users\Nutzer\Downloads\Root-i9001-Signed.zip

2013-11-22 13:11 - 2013-11-22 13:11 - 00249519 _____ C:\Users\Nutzer\Downloads\Easy_Reboot_Recovery.zip

2013-11-22 13:11 - 2013-11-22 13:11 - 00121580 _____ C:\Users\Nutzer\Downloads\UnRoot-i9001-Signed.zip

2013-11-22 13:03 - 2013-11-22 13:03 - 06563840 _____ C:\Users\Nutzer\Downloads\CWM_s2vep_k2wl.tar

2013-11-22 12:52 - 2013-11-22 12:52 - 00000000 ____D C:\ProgramData\Samsung

2013-11-22 12:52 - 2013-11-22 12:52 - 00000000 ____D C:\Program Files\SAMSUNG

2013-11-22 12:52 - 2013-01-31 09:19 - 01917416 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01005.dll

2013-11-22 12:52 - 2013-01-31 09:19 - 01917416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01005.dll

2013-11-22 12:52 - 2013-01-31 09:19 - 00177640 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00172104 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdm.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00157672 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00136264 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdbus.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00036328 _____ (Google Inc) C:\Windows\system32\Drivers\ssadadb.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00019016 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdfl.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00016872 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00015944 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwhnt.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00015432 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcmnt.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00013800 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00013800 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00013288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys

2013-11-22 12:52 - 2013-01-31 09:19 - 00013288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys

2013-11-22 12:31 - 2013-11-22 12:31 - 06484894 _____ C:\Users\Nutzer\Downloads\CWMtouch-i9105_chotu.tar.md5.zip

2013-11-22 12:30 - 2013-11-22 12:31 - 14759040 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Nutzer\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones(2).exe

2013-11-22 12:30 - 2013-11-22 12:30 - 00467537 _____ C:\Users\Nutzer\Downloads\Odin304.zip

2013-11-20 14:26 - 2013-11-20 14:26 - 00000000 ____D C:\Windows\WindowsMobile

2013-11-20 14:25 - 2013-11-20 14:25 - 13054856 _____ (Microsoft Corporation) C:\Users\Nutzer\Downloads\drvupdate-amd64.exe

2013-11-20 14:24 - 2013-11-20 14:24 - 12644232 _____ (Microsoft Corporation) C:\Users\Nutzer\Downloads\drvupdate6965-x86.exe

2013-11-20 14:22 - 2013-11-20 14:22 - 07844864 _____ C:\Users\Nutzer\Downloads\setup45dt.msi

2013-11-20 14:22 - 2013-11-20 14:22 - 00003036 _____ C:\Windows\System32\Tasks\{A69C3DF9-C122-4347-965C-F20A919EF4BE}

2013-11-20 02:42 - 2011-02-19 19:42 - 00004326 _____ C:\Users\Nutzer\Downloads\ubuntu.sh

2013-11-20 02:40 - 2011-08-05 19:36 - 4194304000 _____ C:\Users\Nutzer\Downloads\ubuntu.img

2013-11-20 02:36 - 2013-11-20 02:36 - 03995946 _____ C:\Users\Nutzer\Downloads\Vending.apk

2013-11-20 02:36 - 2013-11-20 02:36 - 03784518 _____ C:\Users\Nutzer\Downloads\Google_Play_Store_v3.4.7.apk

2013-11-20 01:53 - 2013-11-20 02:36 - 943718400 _____ C:\Users\Nutzer\Downloads\ubuntu.part1.rar

2013-11-20 01:53 - 2013-11-20 02:27 - 600293561 _____ C:\Users\Nutzer\Downloads\ubuntu.part2.rar

2013-11-20 00:25 - 2013-11-20 00:25 - 00049001 _____ C:\Users\Nutzer\Downloads\SDL.zip

2013-11-19 22:20 - 2013-11-20 00:04 - 00000000 ____D C:\Program Files (x86)\QemuManager

2013-11-19 22:20 - 2013-11-19 22:20 - 07706797 _____ (David T Reynolds                                            ) C:\Users\Nutzer\Downloads\setupqemuk70.exe

2013-11-19 22:18 - 2013-11-29 13:22 - 00000000 ____D C:\Program Files (x86)\Bochs-2.6.2

2013-11-19 22:17 - 2013-11-19 22:17 - 04691702 _____ C:\Users\Nutzer\Downloads\Bochs-2.6.2.exe

2013-11-19 22:13 - 2013-11-19 22:13 - 00682653 _____ C:\Users\Nutzer\Downloads\QEMU.apk

2013-11-19 22:13 - 2013-11-19 22:13 - 00057046 _____ C:\Users\Nutzer\Downloads\SDL(QEMU).zip

2013-11-19 22:13 - 2013-11-19 22:13 - 00049779 _____ C:\Users\Nutzer\Downloads\SDL(BOCHS).zip

2013-11-19 22:12 - 2013-11-19 22:12 - 01265427 _____ C:\Users\Nutzer\Downloads\Bochs2_5_1.apk

2013-11-19 22:11 - 2013-11-19 22:12 - 12041317 _____ C:\Users\Nutzer\Downloads\qemu-1.6.1.tar.bz2

2013-11-19 22:08 - 2013-11-19 22:08 - 00262144 _____ C:\Users\Nutzer\Downloads\Blank Image File.qcow2

2013-11-19 01:14 - 2013-11-19 01:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2013-11-19 01:07 - 2013-11-19 01:52 - 00000000 ____D C:\Users\Nutzer\Desktop\Backup

2013-11-19 00:36 - 2013-11-19 00:37 - 13879664 _____ C:\Users\Nutzer\Downloads\AML_Flash.zip

2013-11-19 00:25 - 2013-11-19 00:25 - 00000000 ____D C:\Windows\SysWOW64\tmp

2013-11-19 00:24 - 2013-11-19 00:24 - 00002990 _____ C:\Windows\System32\Tasks\{30001B4E-C90F-4E6F-98A1-4701233D3954}

2013-11-19 00:24 - 2013-11-19 00:24 - 00000000 ____D C:\Windows\SysWOW64\log

2013-11-19 00:07 - 2013-11-27 20:59 - 00000000 ____D C:\Users\Nutzer\Desktop\Tablet

2013-11-18 23:55 - 2013-11-19 00:00 - 47694194 _____ C:\Users\Nutzer\Downloads\Root_Gapps_complete.zip

2013-11-18 23:54 - 2013-11-18 23:54 - 00599795 _____ C:\Users\Nutzer\Downloads\SU-RootKeeper.zip

2013-11-18 23:48 - 2013-11-19 00:04 - 246661919 _____ C:\Users\Nutzer\Downloads\v712d-v2_v1.5.5.zip

2013-11-18 23:45 - 2013-11-18 23:45 - 00368978 _____ C:\Users\Nutzer\Downloads\ADB.zip

2013-11-18 23:29 - 2013-11-18 23:29 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Canneverbe Limited

2013-11-18 23:29 - 2013-11-18 23:29 - 00000000 ____D C:\ProgramData\Canneverbe Limited

2013-11-18 23:28 - 2013-11-18 23:28 - 00001955 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk

2013-11-18 23:28 - 2013-11-18 23:28 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

2013-11-18 23:26 - 2013-11-18 23:27 - 05232040 _____ (Canneverbe Limited                                          ) C:\Users\Nutzer\Downloads\28929_cdbxp_setup_4.5.0.3717.exe

2013-11-18 21:27 - 2013-11-18 22:33 - 612479966 _____ C:\Users\Nutzer\Downloads\Microsoft.Windows.XP.zip

2013-11-18 20:47 - 2013-11-18 20:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf

2013-11-17 20:37 - 2013-11-17 20:37 - 03992416 _____ (Piriform Ltd) C:\Users\Nutzer\Downloads\rcsetup149.exe

2013-11-15 22:53 - 2013-11-15 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-13 16:05 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-11-13 16:05 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-11-13 16:05 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2013-11-13 16:05 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-11-13 16:05 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-11-13 16:05 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2013-11-13 16:05 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2013-11-13 16:05 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2013-11-13 16:05 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2013-11-13 16:05 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2013-11-13 16:05 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2013-11-13 16:05 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2013-11-13 16:05 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2013-11-13 16:05 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2013-11-13 16:05 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2013-11-13 16:05 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2013-11-13 16:05 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2013-11-13 16:05 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2013-11-13 16:05 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2013-11-13 16:04 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2013-11-13 16:04 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2013-11-13 16:04 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2013-11-13 16:04 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2013-11-13 16:04 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-13 16:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 16:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2013-11-13 16:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-11-13 16:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-13 16:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-11-13 16:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2013-11-13 12:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-11-13 11:56 - 2013-11-13 11:56 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-13 11:56 - 2013-11-13 11:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-13 11:56 - 2013-11-13 11:56 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-13 11:56 - 2013-11-13 11:56 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-13 11:56 - 2013-11-13 11:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-13 11:56 - 2013-11-13 11:56 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-13 11:56 - 2013-11-13 11:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-13 11:54 - 2013-11-13 12:03 - 00010277 _____ C:\Windows\IE11_main.log
 

==================== One Month Modified Files and Folders =======
 

2013-12-13 11:17 - 2013-12-13 11:17 - 00018960 _____ C:\Users\Nutzer\Downloads\FRST.txt

2013-12-13 11:16 - 2013-12-13 11:16 - 00000000 ____D C:\FRST

2013-12-13 11:16 - 2013-12-13 11:15 - 01927462 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe

2013-12-13 10:25 - 2012-05-19 09:40 - 01580399 _____ C:\Windows\WindowsUpdate.log

2013-12-13 08:53 - 2012-10-11 14:26 - 00000000 ____D C:\Users\Nutzer\.VirtualBox

2013-12-13 08:46 - 2013-12-13 08:45 - 00014753 _____ C:\Users\Nutzer\Downloads\hijackthis.log

2013-12-13 08:45 - 2013-12-13 08:45 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nutzer\Downloads\HijackThis.exe

2013-12-13 08:29 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-13 08:29 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-13 08:22 - 2012-10-11 10:54 - 00000387 _____ C:\Users\Nutzer\AppData\Roaming\sp_data.sys

2013-12-13 08:21 - 2013-09-28 18:35 - 00016516 _____ C:\Windows\setupact.log

2013-12-13 08:21 - 2012-05-19 09:45 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

2013-12-13 08:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-13 08:19 - 2012-10-19 16:48 - 00000000 ____D C:\Users\Nutzer\AppData\Local\CrashDumps

2013-12-13 08:16 - 2011-02-19 05:24 - 00800414 _____ C:\Windows\system32\perfh007.dat

2013-12-13 08:16 - 2011-02-19 05:24 - 00181286 _____ C:\Windows\system32\perfc007.dat

2013-12-13 08:16 - 2009-07-14 06:13 - 00006248 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-13 02:00 - 2012-11-08 01:15 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Adobe

2013-12-12 19:59 - 2012-05-19 09:45 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

2013-12-12 16:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

2013-12-12 09:45 - 2009-07-14 05:45 - 04925192 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-12 09:21 - 2013-12-12 09:21 - 00000000 ___RD C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2013-12-11 01:19 - 2013-05-21 15:04 - 00000000 ____D C:\Program Files (x86)\JDownloader

2013-12-10 16:46 - 2013-12-10 16:45 - 00021035 _____ C:\Users\Nutzer\Documents\UStVA2013_11_November_Alexander_Fink.elfo

2013-12-09 10:46 - 2013-12-09 10:46 - 701790564 _____ C:\Windows\MEMORY.DMP

2013-12-09 10:46 - 2013-12-09 10:46 - 00289592 _____ C:\Windows\Minidump\120913-59545-01.dmp

2013-12-09 10:46 - 2013-12-09 10:46 - 00000000 ____D C:\Windows\Minidump

2013-12-09 10:46 - 2013-10-04 19:57 - 00004642 _____ C:\Windows\PFRO.log

2013-12-09 04:08 - 2013-12-09 04:08 - 00243766 _____ C:\Users\Nutzer\Downloads\www.rofl.to_statement.avi

2013-12-06 21:54 - 2013-05-21 15:05 - 00000000 ____D C:\Users\Nutzer\Downloads\JD

2013-12-06 21:27 - 2013-12-06 21:27 - 00002026 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk

2013-12-06 21:27 - 2013-12-06 21:27 - 00001966 _____ C:\Users\Public\Desktop\avast! Pro Antivirus.lnk

2013-12-06 21:27 - 2013-12-06 21:27 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\AVAST Software

2013-12-06 21:26 - 2013-12-06 21:26 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-12-06 21:26 - 2013-12-06 21:26 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-12-06 21:26 - 2013-12-06 21:26 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-12-06 21:26 - 2013-12-06 21:26 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2013-12-06 21:26 - 2012-10-11 15:33 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-12-06 21:19 - 2012-10-11 15:31 - 00000000 ____D C:\Program Files\AVAST Software

2013-12-06 21:18 - 2013-12-06 21:18 - 04733592 _____ (AVAST Software) C:\Users\Nutzer\Downloads\avast_pro_antivirus_setup_online.exe

2013-12-06 21:18 - 2012-10-11 15:31 - 00000000 ____D C:\ProgramData\AVAST Software

2013-12-06 21:14 - 2012-10-11 15:33 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-12-06 21:03 - 2013-12-06 21:03 - 00350080 _____ (AVAST Software) C:\Users\Nutzer\Downloads\avastclear.exe

2013-12-06 20:45 - 2013-09-29 09:51 - 00000000 ___HD C:\Users\Nutzer\Downloads\Neuer Ordner

2013-11-29 18:58 - 2013-11-29 18:58 - 00944207 _____ (Benichou Software                                           ) C:\Users\Nutzer\Downloads\ITNConvSetup.exe

2013-11-29 18:58 - 2013-11-29 18:58 - 00001041 _____ C:\Users\Public\Desktop\ITN Converter.lnk

2013-11-29 18:58 - 2013-11-29 18:58 - 00000000 ____D C:\Program Files (x86)\ITN Converter

2013-11-29 15:04 - 2012-10-11 23:18 - 00000000 ____D C:\Windows\System32\Tasks\Games

2013-11-29 14:48 - 2013-11-29 14:48 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royaltek

2013-11-29 14:48 - 2013-11-29 14:48 - 00000000 ____D C:\Program Files (x86)\RoyalTek

2013-11-29 14:47 - 2013-11-29 14:47 - 00941691 _____ C:\Users\Nutzer\Downloads\RBT-2001 driver.zip

2013-11-29 13:22 - 2013-11-19 22:18 - 00000000 ____D C:\Program Files (x86)\Bochs-2.6.2

2013-11-29 06:30 - 2012-11-06 21:31 - 00002884 _____ C:\Windows\System32\Tasks\{6CB0BC55-4765-4393-9D1D-0B3EAF3D3832}

2013-11-29 06:30 - 2012-10-26 10:29 - 00002910 _____ C:\Windows\System32\Tasks\{6D493636-B137-400A-96A2-800A382A676D}

2013-11-27 22:10 - 2013-11-27 22:10 - 00000000 ____D C:\Users\Nutzer\Eigene Routen

2013-11-27 22:10 - 2012-10-11 10:54 - 00000000 ____D C:\Users\Nutzer

2013-11-27 22:08 - 2013-11-27 21:35 - 00000000 ____D C:\Users\Nutzer\.hgt

2013-11-27 21:35 - 2013-11-27 21:35 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RouteConverter

2013-11-27 21:35 - 2013-11-27 21:35 - 00000000 ____D C:\Users\Nutzer\.swt

2013-11-27 20:59 - 2013-11-19 00:07 - 00000000 ____D C:\Users\Nutzer\Desktop\Tablet

2013-11-26 12:54 - 2013-12-12 09:23 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-11-26 11:19 - 2013-12-12 09:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-11-26 11:18 - 2013-12-12 09:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-11-26 11:11 - 2013-12-12 09:23 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-11-26 10:48 - 2013-12-12 09:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-11-26 10:46 - 2013-12-12 09:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-11-26 10:41 - 2013-12-12 09:23 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-11-26 10:29 - 2013-12-12 09:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-11-26 10:27 - 2013-12-12 09:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-11-26 10:23 - 2013-12-12 09:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-11-26 10:21 - 2013-12-12 09:23 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-11-26 10:18 - 2013-12-12 09:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-11-26 10:18 - 2013-12-12 09:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-11-26 10:16 - 2013-12-12 09:23 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-11-26 09:57 - 2013-12-12 09:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-11-26 09:38 - 2013-12-12 09:23 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-11-26 09:38 - 2013-12-12 09:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-11-26 09:35 - 2013-12-12 09:22 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-11-26 09:32 - 2013-12-12 09:23 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-11-26 09:28 - 2013-12-12 09:23 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-11-26 09:16 - 2013-12-12 09:22 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-11-26 09:02 - 2013-12-12 09:23 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-11-26 08:59 - 2012-05-19 09:52 - 00002452 _____ C:\Windows\system32\AutoRunFilter.ini

2013-11-26 08:48 - 2013-12-12 09:23 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-11-26 08:32 - 2013-12-12 09:23 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-11-26 08:26 - 2013-12-12 09:23 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-11-26 08:07 - 2013-12-12 09:23 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-11-26 07:40 - 2013-12-12 09:23 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-11-26 07:34 - 2013-12-12 09:23 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-11-26 07:34 - 2013-12-12 09:23 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-11-26 07:33 - 2013-12-12 09:23 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-11-26 07:27 - 2013-12-12 09:23 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-11-23 19:26 - 2013-12-11 12:06 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-11-23 18:47 - 2013-12-11 12:06 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-11-23 16:44 - 2013-11-23 16:44 - 00205262 _____ C:\Users\Nutzer\Downloads\Odin Multi Downloader v4.43.zip

2013-11-23 16:43 - 2013-11-23 16:43 - 00549408 _____ C:\Users\Nutzer\Downloads\bootloader.zip

2013-11-23 16:43 - 2013-11-23 16:43 - 00000225 _____ C:\Users\Nutzer\Downloads\AriesVE.zip

2013-11-23 16:31 - 2013-11-23 16:26 - 134368798 _____ C:\Users\Nutzer\Downloads\cm-9-20120920-ivendor-ariesve-rc2.zip

2013-11-23 16:29 - 2013-11-23 16:26 - 52048746 _____ C:\Users\Nutzer\Downloads\gapps-ics-20120429-signed.zip

2013-11-23 16:05 - 2013-11-23 15:44 - 261557919 _____ C:\Users\Nutzer\Downloads\I9001BUKP2_I9001VD2KP1_VD2.zip

2013-11-23 15:54 - 2013-11-23 15:54 - 04100578 _____ C:\Users\Nutzer\Downloads\CWM5504-CM9-recovery.zip

2013-11-23 15:54 - 2013-11-23 15:53 - 08123763 _____ C:\Users\Nutzer\Downloads\9001_stock_recovery-signed.zip

2013-11-23 15:44 - 2013-11-23 15:43 - 24095694 _____ C:\Users\Nutzer\Downloads\Samsung USB Driver 2.1.0.1195.zip

2013-11-23 15:43 - 2013-11-23 15:43 - 00000132 _____ C:\Users\Nutzer\Downloads\AriesVE.ops.txt

2013-11-22 13:15 - 2013-11-22 13:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf

2013-11-22 13:11 - 2013-11-22 13:11 - 00518368 _____ C:\Users\Nutzer\Downloads\Root-i9001-Signed.zip

2013-11-22 13:11 - 2013-11-22 13:11 - 00249519 _____ C:\Users\Nutzer\Downloads\Easy_Reboot_Recovery.zip

2013-11-22 13:11 - 2013-11-22 13:11 - 00121580 _____ C:\Users\Nutzer\Downloads\UnRoot-i9001-Signed.zip

2013-11-22 13:03 - 2013-11-22 13:03 - 06563840 _____ C:\Users\Nutzer\Downloads\CWM_s2vep_k2wl.tar

2013-11-22 12:52 - 2013-11-22 12:52 - 00000000 ____D C:\ProgramData\Samsung

2013-11-22 12:52 - 2013-11-22 12:52 - 00000000 ____D C:\Program Files\SAMSUNG

2013-11-22 12:31 - 2013-11-22 12:31 - 06484894 _____ C:\Users\Nutzer\Downloads\CWMtouch-i9105_chotu.tar.md5.zip

2013-11-22 12:31 - 2013-11-22 12:30 - 14759040 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Nutzer\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones(2).exe

2013-11-22 12:30 - 2013-11-22 12:30 - 00467537 _____ C:\Users\Nutzer\Downloads\Odin304.zip

2013-11-20 14:26 - 2013-11-20 14:26 - 00000000 ____D C:\Windows\WindowsMobile

2013-11-20 14:25 - 2013-11-20 14:25 - 13054856 _____ (Microsoft Corporation) C:\Users\Nutzer\Downloads\drvupdate-amd64.exe

2013-11-20 14:24 - 2013-11-20 14:24 - 12644232 _____ (Microsoft Corporation) C:\Users\Nutzer\Downloads\drvupdate6965-x86.exe

2013-11-20 14:22 - 2013-11-20 14:22 - 07844864 _____ C:\Users\Nutzer\Downloads\setup45dt.msi

2013-11-20 14:22 - 2013-11-20 14:22 - 00003036 _____ C:\Windows\System32\Tasks\{A69C3DF9-C122-4347-965C-F20A919EF4BE}

2013-11-20 02:36 - 2013-11-20 02:36 - 03995946 _____ C:\Users\Nutzer\Downloads\Vending.apk

2013-11-20 02:36 - 2013-11-20 02:36 - 03784518 _____ C:\Users\Nutzer\Downloads\Google_Play_Store_v3.4.7.apk

2013-11-20 02:36 - 2013-11-20 01:53 - 943718400 _____ C:\Users\Nutzer\Downloads\ubuntu.part1.rar

2013-11-20 02:27 - 2013-11-20 01:53 - 600293561 _____ C:\Users\Nutzer\Downloads\ubuntu.part2.rar

2013-11-20 00:25 - 2013-11-20 00:25 - 00049001 _____ C:\Users\Nutzer\Downloads\SDL.zip

2013-11-20 00:04 - 2013-11-19 22:20 - 00000000 ____D C:\Program Files (x86)\QemuManager

2013-11-19 22:20 - 2013-11-19 22:20 - 07706797 _____ (David T Reynolds                                            ) C:\Users\Nutzer\Downloads\setupqemuk70.exe

2013-11-19 22:17 - 2013-11-19 22:17 - 04691702 _____ C:\Users\Nutzer\Downloads\Bochs-2.6.2.exe

2013-11-19 22:13 - 2013-11-19 22:13 - 00682653 _____ C:\Users\Nutzer\Downloads\QEMU.apk

2013-11-19 22:13 - 2013-11-19 22:13 - 00057046 _____ C:\Users\Nutzer\Downloads\SDL(QEMU).zip

2013-11-19 22:13 - 2013-11-19 22:13 - 00049779 _____ C:\Users\Nutzer\Downloads\SDL(BOCHS).zip

2013-11-19 22:12 - 2013-11-19 22:12 - 01265427 _____ C:\Users\Nutzer\Downloads\Bochs2_5_1.apk

2013-11-19 22:12 - 2013-11-19 22:11 - 12041317 _____ C:\Users\Nutzer\Downloads\qemu-1.6.1.tar.bz2

2013-11-19 22:08 - 2013-11-19 22:08 - 00262144 _____ C:\Users\Nutzer\Downloads\Blank Image File.qcow2

2013-11-19 01:52 - 2013-11-19 01:07 - 00000000 ____D C:\Users\Nutzer\Desktop\Backup

2013-11-19 01:20 - 2013-01-28 01:16 - 00000000 ____D C:\Program Files\Recuva

2013-11-19 01:14 - 2013-11-19 01:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2013-11-19 00:37 - 2013-11-19 00:36 - 13879664 _____ C:\Users\Nutzer\Downloads\AML_Flash.zip

2013-11-19 00:25 - 2013-11-19 00:25 - 00000000 ____D C:\Windows\SysWOW64\tmp

2013-11-19 00:24 - 2013-11-19 00:24 - 00002990 _____ C:\Windows\System32\Tasks\{30001B4E-C90F-4E6F-98A1-4701233D3954}

2013-11-19 00:24 - 2013-11-19 00:24 - 00000000 ____D C:\Windows\SysWOW64\log

2013-11-19 00:04 - 2013-11-18 23:48 - 246661919 _____ C:\Users\Nutzer\Downloads\v712d-v2_v1.5.5.zip

2013-11-19 00:00 - 2013-11-18 23:55 - 47694194 _____ C:\Users\Nutzer\Downloads\Root_Gapps_complete.zip

2013-11-18 23:54 - 2013-11-18 23:54 - 00599795 _____ C:\Users\Nutzer\Downloads\SU-RootKeeper.zip

2013-11-18 23:45 - 2013-11-18 23:45 - 00368978 _____ C:\Users\Nutzer\Downloads\ADB.zip

2013-11-18 23:29 - 2013-11-18 23:29 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Canneverbe Limited

2013-11-18 23:29 - 2013-11-18 23:29 - 00000000 ____D C:\ProgramData\Canneverbe Limited

2013-11-18 23:28 - 2013-11-18 23:28 - 00001955 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk

2013-11-18 23:28 - 2013-11-18 23:28 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

2013-11-18 23:27 - 2013-11-18 23:26 - 05232040 _____ (Canneverbe Limited                                          ) C:\Users\Nutzer\Downloads\28929_cdbxp_setup_4.5.0.3717.exe

2013-11-18 22:33 - 2013-11-18 21:27 - 612479966 _____ C:\Users\Nutzer\Downloads\Microsoft.Windows.XP.zip

2013-11-18 21:51 - 2012-11-06 10:05 - 00000000 ____D C:\Users\Nutzer\Desktop\C++ Buch

2013-11-18 20:47 - 2013-11-18 20:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf

2013-11-17 20:37 - 2013-11-17 20:37 - 03992416 _____ (Piriform Ltd) C:\Users\Nutzer\Downloads\rcsetup149.exe

2013-11-17 07:32 - 2012-10-11 15:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-11-15 22:53 - 2013-11-15 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-14 10:03 - 2012-10-11 10:55 - 00001427 _____ C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-14 09:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-11-14 03:04 - 2013-07-24 08:34 - 00000000 ____D C:\Windows\system32\MRT

2013-11-14 03:01 - 2012-10-13 15:44 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-11-13 12:03 - 2013-11-13 11:54 - 00010277 _____ C:\Windows\IE11_main.log

2013-11-13 11:56 - 2013-11-13 11:56 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-13 11:56 - 2013-11-13 11:56 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-13 11:56 - 2013-11-13 11:56 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-13 11:56 - 2013-11-13 11:56 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-13 11:56 - 2013-11-13 11:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-13 11:56 - 2013-11-13 11:56 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-13 11:56 - 2013-11-13 11:56 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-13 11:56 - 2013-11-13 11:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-13 11:56 - 2013-11-13 11:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-12-12 16:39
 

==================== End Of Log ============================

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2013 01

Ran by Nutzer at 2013-12-13 11:17:34

Running from C:\Users\Nutzer\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

µTorrent (x32 Version: 3.3.0.29625)

1&1 SmartFax (x32 Version: 2.00.231)

Adobe AIR (x32 Version: 3.4.0.2710)

Adobe Download Assistant (x32 Version: 1.2.3)

Adobe Flash Player 10 ActiveX (x32 Version: 10.1.85.3)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Photoshop CS6 (x32 Version: 13.0)

Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)

AES Crypt (Version: 3.08)

AhnLab Online Security (x32)

ASUS AI Recovery (x32 Version: 1.0.24)

ASUS FaceLogon (x32 Version: 1.0.0014)

ASUS K45_K75_K95_Screensaver (x32 Version: 1.0.0001)

ASUS LifeFrame3 (x32 Version: 3.0.30)

ASUS Live Update (x32 Version: 3.1.7)

ASUS Power4Gear Hybrid (Version: 1.2.1)

ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0041)

ASUS USB Charger Plus (x32 Version: 2.0.9)

ASUS Virtual Camera (x32 Version: 1.0.25)

ASUS Virtual Touch (x32 Version: 1.0.9)

ASUS WebStorage (x32 Version: 3.0.108.222)

ASUSDVD (x32 Version: 10.0.3622.52)

AsusVibe2.0 (x32 Version: 2.0.9.157)

Atheros Bluetooth Suite (64) (Version: 7.4.0.115)

ATK Package (x32 Version: 1.0.0016)

avast! Pro Antivirus (x32 Version: 9.0.2008)

Black and White (x32)

Bochs 2.6.2 (remove only) (x32 Version: 2.6.2)

BT GPS x-mini (x32 Version: 1.0)

CCleaner (Version: 3.24)

CDBurnerXP (x32 Version: 4.5.0.3717)

Cheat Engine 6.3 (x32)

Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)

Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)

Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)

CX4300_5500_DX4400 Handbuch (x32)

CyberLink LabelPrint (x32 Version: 2.5.3624)

CyberLink Media Suite (x32 Version: 8.0.2926)

CyberLink Power2Go (x32 Version: 7.0.0.1126)

D3DX10 (x32 Version: 15.4.2368.0902)

DAEMON Tools Lite (x32 Version: 4.47.1.0333)

Die Siedler II - Die nächste Generation (x32)

Die Sims™ 2 Super Deluxe (x32)

DVR Configuration Tool (x32 Version: 1.0.9)

ElsterFormular (x32 Version: 14.4.12044)

Empire Earth (x32)

EPSON Attach To Email (x32 Version: 1.01.0000)

EPSON Copy Utility 3 (x32 Version: 3.2.0.0)

EPSON Easy Photo Print (x32 Version: 1.4.2.0)

EPSON File Manager (x32 Version: 1.3.0.0)

EPSON Scan (x32)

EPSON Scan Assistant (x32 Version: 1.10.00)

EPSON-Drucker-Software

ETDWare PS/2-X64 10.5.9.0 (Version: 10.5.9.0)

f.lux (HKCU)

Farm Frenzy 3 - Madagascar (x32)

Fast Boot (Version: 1.0.10)

FLV-Media-Player (x32 Version: 2.0.3.2520)

Freemake Video Converter Version 4.0.1 (x32 Version: 4.0.1)

Galapago (x32)

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)

Game Park Console (x32 Version: 1.2.4.431)

Go Go Gourmet Chef of the Year (x32)

HeidiSQL 7.0.0.4053 (x32 Version: 7.0)

Hex-Editor MX (x32 Version: 6.0)

InstantOn for NB (x32 Version: 2.2.0)

Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)

Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)

Intel(R) OpenCL CPU Runtime (x32)

Intel(R) Processor Graphics (x32 Version: 8.15.10.2669)

Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)

Intel® Trusted Connect Service Client (Version: 1.23.605.1)

IrfanView (remove only) (x32 Version: 4.32)

ITN Converter 1.83 (x32 Version: 1.83)

Java 7 Update 9 (x32 Version: 7.0.90)

Java Auto Updater (x32 Version: 2.1.9.0)

JDownloader 0.9 (x32 Version: 0.9)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Legacy of Kain: Soul Reaver (x32)

Mahjong Memoirs (x32)

Mesh Runtime (x32 Version: 15.4.5722.2)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)

Microsoft .NET Framework 4 Extended (Version: 4.0.30320)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office 2010 (x32 Version: 14.0.4763.1000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)

Mozilla Maintenance Service (x32 Version: 25.0.1)

Mozilla Thunderbird 16.0 (x86 de) (x32 Version: 16.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

Notepad++ (x32 Version: 6.2)

NVIDIA Control Panel 290.81 (Version: 290.81)

NVIDIA Graphics Driver 290.81 (Version: 290.81)

NVIDIA Install Application (Version: 2.1002.48.259)

NVIDIA Optimus 1.6.24 (Version: 1.6.24)

NVIDIA PhysX (x32 Version: 9.11.1111)

NVIDIA Update 1.6.24 (Version: 1.6.24)

NVIDIA Update Components (Version: 1.6.24)

OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)

Oracle VM VirtualBox 4.2.12 (Version: 4.2.12)

Origin (x32 Version: 9.3.6.4643)

PDF Settings CS6 (x32 Version: 11.0)

Plants vs Zombies (x32)

Qemu Manager 7.0 (x32)

Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)

Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6537)

Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7601.39015)

Recuva (Version: 1.49)

Samsung AllShare (x32 Version: 2.1.0.12031_10)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)

SceneSwitch (x32 Version: 1.0.12)

TIPP10 Version 2.1.0 (x32)

TrueCrypt (x32 Version: 7.1a)

Turbo Fiesta (x32)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3538.0513)

Windows Live Family Safety (Version: 15.4.3538.0513)

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3538.0513)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Windows Live 影像中心 (x32 Version: 15.4.3502.0922)

Windows Live 程式集 (x32 Version: 15.4.3502.0922)

Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)

WinFlash (x32 Version: 2.41.0)

WinRAR 4.20 (64-Bit) (Version: 4.20.0)

WinUAE 1.6.0 (x32 Version: 1.6.0)

Wireless Console 3 (x32 Version: 3.0.27)

World of Goo (x32)

XAMPP 1.8.1 (x32)

Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)

Почта Windows Live (x32 Version: 15.4.3502.0922)

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)

Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2)

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)

פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)

بريد Windows Live (x32 Version: 15.4.3502.0922)

عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)

معرض صور Windows Live (x32 Version: 15.4.3502.0922)

適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)
 

==================== Restore Points  =========================
 

26-11-2013 06:28:56 Windows Update

29-11-2013 13:47:57 Installed BT GPS x-mini

29-11-2013 14:55:44 Windows Update

03-12-2013 08:48:16 Windows Update

06-12-2013 20:18:52 Windows Update

06-12-2013 20:19:43 avast! antivirus system restore point

10-12-2013 20:28:50 Windows Update

12-12-2013 08:21:55 Windows Modules Installer
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2012-11-08 00:28 - 00001333 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com

127.0.0.1 practivate.adobe.com

127.0.0.1 ereg.adobe.com

127.0.0.1 activate.wip3.adobe.com

127.0.0.1 wip3.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 adobe-dns.adobe.com

127.0.0.1 adobe-dns-2.adobe.com

127.0.0.1 adobe-dns-3.adobe.com

127.0.0.1 ereg.wip3.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 wwis-dubc1-vip60.adobe.com

127.0.0.1 activate-sjc0.adobe.com

127.0.0.1 wwis-dubc1-vip60.adobe.com

127.0.0.1 lm.licenses.adobe.com
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0B8AFCDB-85A3-4ED1-861F-0C360A8A8538} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)

Task: {13B741FD-43BE-4ECB-A58C-64AED8AA9B88} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2011-12-21] (ASUSTeK Computer Inc.)

Task: {2245C119-E50E-42AA-AD1D-3AF1E95CCC28} - System32\Tasks\AdobeAAMUpdater-1.0-Nutzer-PC-Nutzer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-04-04] (Adobe Systems Incorporated)

Task: {37AC9C4F-5232-4FD9-9B7F-FD8049152E98} - System32\Tasks\{6D493636-B137-400A-96A2-800A382A676D} => C:\Spiele\GRO\Godlike.exe

Task: {3F95E509-0840-4AC5-A7CE-58DFC91E28DF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-06] (AVAST Software)

Task: {4D69F773-737F-4212-A35E-61C04E60FC0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)

Task: {5C14BAED-614F-4C07-924E-9608BCDD0975} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)

Task: {86F7F276-5DCD-47D9-8980-93D837219A2B} - System32\Tasks\{6CB0BC55-4765-4393-9D1D-0B3EAF3D3832} => G:\setup.exe

Task: {8A0443DE-E7D8-4D02-BC2C-55DD21CAF8D3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)

Task: {9D6BD101-3D0F-4C9A-9D92-BA88F42B18C3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2803969532-3586009099-3580304194-1001

Task: {9F3E8CA5-7905-422A-8B50-F205A4B51CD6} - System32\Tasks\Open URL by RoboForm => C:\Windows\System32\url.dll [2013-11-13] (Microsoft Corporation)

Task: {9FD22815-BEEC-4891-A4AC-D4F4572AD792} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)

Task: {A11A88A6-2E34-45BE-97FC-34858A37AF6D} - System32\Tasks\{30001B4E-C90F-4E6F-98A1-4701233D3954} => C:\Users\Nutzer\Desktop\Tablet\USB-Burning-tool-SPI\ImageBurnTool.exe [2012-09-17] ()

Task: {B0EB6CBD-6E1C-4AC1-A62A-04F45F6F19B0} - System32\Tasks\Run RoboForm Process => C:\Users\Nutzer\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe

Task: {CB556DBF-34A0-47CE-B765-07DD3998BBD8} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)

Task: {F5654043-0D3D-45B6-868D-884BE5DA3F4E} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2011-12-21] (ASUSTeK Computer Inc.)

Task: {F7F3AE5F-7FC3-4EA5-918E-AED11E3F1EBB} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.)

Task: {FBF3AC61-F6EA-4BF9-A783-B0EC08B6CCFA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)

Task: {FDEDE217-BDE6-4E9D-BFF8-62B754CF7C9C} - System32\Tasks\{A69C3DF9-C122-4347-965C-F20A919EF4BE} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
 

==================== Loaded Modules (whitelisted) =============
 

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

2013-04-12 10:40 - 2013-04-12 10:40 - 00380176 _____ () D:\VirtualBox\VBoxDDU.dll

2013-04-12 10:40 - 2013-04-12 10:40 - 04250896 _____ () D:\VirtualBox\VBoxRT.dll

2013-06-14 09:16 - 2013-06-14 09:16 - 00018704 ____N () D:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 02026256 _____ () D:\VirtualBox\VBoxVMM.dll

2013-04-12 10:42 - 2013-04-12 10:42 - 00670480 _____ () D:\VirtualBox\VBoxREM.dll

2012-07-19 20:07 - 2012-07-19 20:07 - 02716504 _____ () D:\VirtualBox\QtCoreVBox4.dll

2012-07-19 20:10 - 2012-07-19 20:10 - 09680728 _____ () D:\VirtualBox\QtGuiVBox4.dll

2012-07-19 20:08 - 2012-07-19 20:08 - 00996696 _____ () D:\VirtualBox\QtNetworkVBox4.dll

2012-07-19 20:11 - 2012-07-19 20:11 - 00809304 _____ () D:\VirtualBox\QtOpenGLVBox4.dll

2012-07-19 20:14 - 2012-07-19 20:14 - 00208216 _____ () D:\VirtualBox\accessible\qtaccessiblewidgets4.dll

2013-04-12 10:41 - 2013-04-12 10:41 - 00030480 _____ () D:\VirtualBox\VBoxSharedClipboard.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 00046864 _____ () D:\VirtualBox\VBoxDragAndDropSvc.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 00915216 _____ () D:\VirtualBox\VBoxSharedCrOpenGL.DLL

2013-04-12 10:40 - 2013-04-12 10:40 - 00164112 _____ () D:\VirtualBox\VBoxOGLhostcrutil.dll

2013-04-12 10:41 - 2013-04-12 10:41 - 00110864 _____ () D:\VirtualBox\VBoxOGLrenderspu.dll

2013-04-12 10:41 - 2013-04-12 10:41 - 00097552 _____ () D:\VirtualBox\VBoxOGLhosterrorspu.dll

2012-03-29 08:41 - 2012-02-28 09:20 - 17225728 _____ () C:\Windows\system32\ig7icd64.dll

2013-04-12 10:41 - 2013-04-12 10:41 - 00048912 _____ () D:\VirtualBox\VBoxGuestPropSvc.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 00042256 _____ () D:\VirtualBox\VBoxGuestControlSvc.DLL

2013-04-12 10:42 - 2013-04-12 10:42 - 02263312 _____ () D:\VirtualBox\VBoxDD.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 00171792 _____ () D:\VirtualBox\VBoxDD2.dll

2013-06-14 09:16 - 2013-06-14 09:16 - 00048912 ____N () D:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL

2013-06-14 09:16 - 2013-06-14 09:16 - 00066832 ____N () D:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL

2013-06-14 09:16 - 2013-06-14 09:16 - 00056080 ____N () D:\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL

2013-04-12 10:41 - 2013-04-12 10:41 - 00040208 _____ () D:\VirtualBox\VBoxSharedFolders.DLL

2013-12-12 23:46 - 2013-12-12 22:38 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121201\algo.dll

2013-12-13 10:41 - 2013-12-13 09:58 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121300\algo.dll

2012-02-21 22:49 - 2012-02-21 22:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

2010-08-20 17:57 - 2010-08-20 17:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2010-08-20 17:57 - 2010-08-20 17:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

2012-01-31 17:25 - 2012-01-31 17:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll

2013-12-06 21:26 - 2013-12-06 21:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll

2012-05-19 09:45 - 2012-02-21 05:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2013-11-15 22:53 - 2013-11-15 22:53 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-06-29 11:08 - 2013-06-29 11:08 - 16033160 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 

Name: Microsoft-Adapter für Miniports virtueller WiFis

Description: Microsoft-Adapter für Miniports virtueller WiFis

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (12/13/2013 08:19:37 AM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: BrowserCleanup.exe, Version: 9.0.0.18, Zeitstempel: 0x525c1044

Name des fehlerhaften Moduls: BrowserCleanup.exe, Version: 9.0.0.18, Zeitstempel: 0x525c1044

Ausnahmecode: 0x40000015

Fehleroffset: 0x0026d878

ID des fehlerhaften Prozesses: 0x1920

Startzeit der fehlerhaften Anwendung: 0xBrowserCleanup.exe0

Pfad der fehlerhaften Anwendung: BrowserCleanup.exe1

Pfad des fehlerhaften Moduls: BrowserCleanup.exe2

Berichtskennung: BrowserCleanup.exe3
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)

Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
 

System errors:

=============

Error: (12/13/2013 08:14:53 AM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/12/2013 03:44:04 PM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/11/2013 10:54:47 PM) (Source: Ntfs) (User: )

Description: Auf dem Volume "V:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
 

Error: (12/11/2013 08:47:16 PM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/11/2013 10:05:01 AM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/11/2013 01:44:19 AM) (Source: Ntfs) (User: )

Description: Auf dem Volume "V:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
 

Error: (12/10/2013 08:36:04 PM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/10/2013 06:07:46 PM) (Source: Ntfs) (User: )

Description: Auf dem Volume "V:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
 

Error: (12/10/2013 07:28:30 AM) (Source: BTHUSB) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (12/09/2013 10:46:50 AM) (Source: BugCheck) (User: )

Description: 0x0000000a (0x00000000000c5db6, 0x0000000000000002, 0x0000000000000001, 0xfffff80003283c86)C:\Windows\MEMORY.DMP120913-59545-01
 
 

Microsoft Office Sessions:

=========================

Error: (12/13/2013 08:19:37 AM) (Source: Application Error)(User: )

Description: BrowserCleanup.exe9.0.0.18525c1044BrowserCleanup.exe9.0.0.18525c1044400000150026d878192001cef7d3a2da29d4C:\Users\Nutzer\AppData\Local\Temp\7zS6B97.tmp\BrowserCleanup.exeC:\Users\Nutzer\AppData\Local\Temp\7zS6B97.tmp\BrowserCleanup.exeec1dc0ca-63c6-11e3-a06a-b8075e5c3e4e
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: WmiApRplWmiApRpl8F20300004D070000
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 

Error: (12/13/2013 08:16:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: WmiApRplWmiApRpl8F20300004D070000
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 

Error: (12/12/2013 09:50:37 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: WmiApRplWmiApRpl8F20300004D070000
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 

Error: (12/12/2013 09:24:56 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)

Description: Performance1637070000000000000000000009030000
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 71%

Total physical RAM: 12174.32 MB

Available physical RAM: 3411.82 MB

Total Pagefile: 24346.82 MB

Available Pagefile: 15065.23 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:302.89 GB) (Free:137.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (D) (Fixed) (Total:488.28 GB) (Free:45.4 GB) NTFS

Drive v: () (Fixed) (Total:380 GB) (Free:9.43 GB) NTFS

Drive z: (Z) (Fixed) (Total:698.64 GB) (Free:697.36 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 932 GB) (Disk ID: 85CBDE57)
 

Partition: GPT Partition Type

========================================================

Disk: 1 (Size: 699 GB) (Disk ID: 8F07F04A)
 

Partition: GPT Partition Type

==================== End Of Log ============================

ComboFix
[CODE]
Combofix Logfile:

Code:

ComboFix 13-12-13.01 - Nutzer 14.12.2013  10:48:15.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.12174.3423 [GMT 1:00]

ausgeführt von:: c:\users\Nutzer\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\1&1

c:\programdata\1&1\1&1 SmartFax\Settings.xml

c:\users\Nutzer\AppData\Roaming\1&1

c:\users\Nutzer\AppData\Roaming\1&1\1&1 SmartFax\FaxNumberHistory.xml

c:\users\Nutzer\AppData\Roaming\1&1\1&1 SmartFax\Settings.xml

c:\windows\IsUn0407.exe

c:\windows\msvcr71.dll

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-11-14 bis 2013-12-14  ))))))))))))))))))))))))))))))

.

.

2013-12-14 09:53 . 2013-12-14 09:53        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-12-14 09:53 . 2013-12-14 09:53        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-12-13 23:42 . 2013-12-13 23:42        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8E5DC85-69F0-4B3A-B8A4-086C67C1FE98}\offreg.dll

2013-12-13 15:21 . 2013-11-08 03:12        10285968        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8E5DC85-69F0-4B3A-B8A4-086C67C1FE98}\mpengine.dll

2013-12-13 10:16 . 2013-12-13 10:16        --------        d-----w-        C:\FRST

2013-12-12 08:24 . 2013-05-10 05:56        12625920        ----a-w-        c:\windows\system32\wmploc.DLL

2013-12-12 08:24 . 2013-05-10 04:30        167424        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe

2013-12-12 08:24 . 2013-05-10 03:48        164864        ----a-w-        c:\program files (x86)\Windows Media Player\wmplayer.exe

2013-12-12 08:24 . 2013-05-10 04:56        12625408        ----a-w-        c:\windows\SysWow64\wmploc.DLL

2013-12-12 08:24 . 2013-05-10 05:56        14631424        ----a-w-        c:\windows\system32\wmp.dll

2013-12-12 08:22 . 2013-11-26 08:35        5769216        ----a-w-        c:\windows\system32\jscript9.dll

2013-12-12 08:22 . 2013-11-26 08:16        4243968        ----a-w-        c:\windows\SysWow64\jscript9.dll

2013-12-11 11:06 . 2013-10-30 02:32        335360        ----a-w-        c:\windows\system32\msieftp.dll

2013-12-11 11:06 . 2013-10-30 02:19        301568        ----a-w-        c:\windows\SysWow64\msieftp.dll

2013-12-11 11:06 . 2013-10-30 01:24        3155968        ----a-w-        c:\windows\system32\win32k.sys

2013-12-11 11:06 . 2013-11-23 18:26        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2013-12-11 11:06 . 2013-11-23 17:47        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

2013-12-11 11:06 . 2013-10-19 02:18        81408        ----a-w-        c:\windows\system32\imagehlp.dll

2013-12-11 11:06 . 2013-10-19 01:36        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll

2013-12-11 11:06 . 2013-11-12 02:23        2048        ----a-w-        c:\windows\system32\tzres.dll

2013-12-11 11:06 . 2013-11-12 02:07        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

2013-12-11 11:05 . 2013-10-04 02:16        116736        ----a-w-        c:\windows\system32\drivers\drmk.sys

2013-12-11 11:05 . 2013-10-04 01:36        230400        ----a-w-        c:\windows\system32\drivers\portcls.sys

2013-12-11 11:05 . 2013-10-12 02:32        150016        ----a-w-        c:\windows\system32\wshom.ocx

2013-12-11 11:05 . 2013-10-12 02:31        202752        ----a-w-        c:\windows\system32\scrrun.dll

2013-12-11 11:05 . 2013-10-12 02:04        121856        ----a-w-        c:\windows\SysWow64\wshom.ocx

2013-12-11 11:05 . 2013-10-12 01:33        156160        ----a-w-        c:\windows\system32\cscript.exe

2013-12-11 11:05 . 2013-10-12 01:15        141824        ----a-w-        c:\windows\SysWow64\wscript.exe

2013-12-11 11:05 . 2013-10-12 02:03        163840        ----a-w-        c:\windows\SysWow64\scrrun.dll

2013-12-11 11:05 . 2013-10-12 01:33        168960        ----a-w-        c:\windows\system32\wscript.exe

2013-12-11 11:05 . 2013-10-12 01:15        126976        ----a-w-        c:\windows\SysWow64\cscript.exe

2013-12-06 20:27 . 2013-12-06 20:27        --------        d-----w-        c:\users\Nutzer\AppData\Roaming\AVAST Software

2013-12-06 20:26 . 2013-12-06 20:26        92544        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys

2013-12-06 20:26 . 2013-12-06 20:26        84328        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys

2013-12-06 20:26 . 2013-12-06 20:26        65776        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys

2013-12-06 20:26 . 2013-12-06 20:26        65264        ----a-w-        c:\windows\system32\drivers\aswTdi.sys

2013-12-06 20:26 . 2013-12-06 20:26        409832        ----a-w-        c:\windows\system32\drivers\aswSP.sys

2013-12-06 20:26 . 2013-12-06 20:26        38984        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys

2013-12-06 20:26 . 2013-12-06 20:26        205320        ----a-w-        c:\windows\system32\drivers\aswVmm.sys

2013-12-06 20:26 . 2013-12-06 20:26        1032416        ----a-w-        c:\windows\system32\drivers\aswSnx.sys

2013-12-06 20:26 . 2013-12-06 20:26        28184        ----a-w-        c:\windows\system32\drivers\aswKbd.sys

2013-12-06 20:26 . 2013-12-06 20:26        43152        ----a-w-        c:\windows\avastSS.scr

2013-12-06 20:26 . 2013-12-06 20:26        334648        ----a-w-        c:\windows\system32\aswBoot.exe

2013-11-29 17:58 . 2013-11-29 17:58        --------        d-----w-        c:\program files (x86)\ITN Converter

2013-11-29 14:24 . 2013-11-29 14:24        --------        d-----w-        c:\users\Nutzer\AppData\Local\ElevatedDiagnostics

2013-11-29 13:48 . 2013-11-29 13:48        --------        d-----w-        c:\program files (x86)\RoyalTek

2013-11-27 21:10 . 2013-11-27 21:10        --------        d-----w-        c:\users\Nutzer\Eigene Routen

2013-11-27 20:35 . 2013-11-27 21:08        --------        d-----w-        c:\users\Nutzer\.hgt

2013-11-27 20:35 . 2013-11-27 20:35        --------        d-----w-        c:\users\Nutzer\.swt

2013-11-20 13:26 . 2013-11-20 13:26        --------        d-----w-        c:\windows\WindowsMobile

2013-11-19 21:20 . 2013-11-19 23:04        --------        d-----w-        c:\program files (x86)\QemuManager

2013-11-19 21:18 . 2013-11-29 12:22        --------        d-----w-        c:\program files (x86)\Bochs-2.6.2

2013-11-18 23:25 . 2013-11-18 23:25        --------        d-----w-        c:\windows\SysWow64\tmp

2013-11-18 23:24 . 2013-11-18 23:24        --------        d-----w-        c:\windows\SysWow64\log

2013-11-18 22:29 . 2013-11-18 22:29        --------        d-----w-        c:\users\Nutzer\AppData\Roaming\Canneverbe Limited

2013-11-18 22:29 . 2013-11-18 22:29        --------        d-----w-        c:\programdata\Canneverbe Limited

2013-11-18 22:28 . 2013-11-18 22:28        --------        d-----w-        c:\program files (x86)\CDBurnerXP

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-14 09:41 . 2012-10-11 09:54        387        ----a-w-        c:\users\Nutzer\AppData\Roaming\sp_data.sys

2013-11-14 02:01 . 2012-10-13 14:44        82896128        ----a-w-        c:\windows\system32\MRT.exe

2013-11-13 10:56 . 2013-11-13 10:56        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-13 10:56 . 2013-11-13 10:56        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-11-13 10:56 . 2013-11-13 10:56        942592        ----a-w-        c:\windows\system32\jsIntl.dll

2013-11-13 10:56 . 2013-11-13 10:56        90112        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-11-13 10:56 . 2013-11-13 10:56        86016        ----a-w-        c:\windows\SysWow64\iesysprep.dll

2013-11-13 10:56 . 2013-11-13 10:56        86016        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe

2013-11-13 10:56 . 2013-11-13 10:56        84992        ----a-w-        c:\windows\system32\mshtmled.dll

2013-11-13 10:56 . 2013-11-13 10:56        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll

2013-11-13 10:56 . 2013-11-13 10:56        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-11-13 10:56 . 2013-11-13 10:56        774144        ----a-w-        c:\windows\system32\jscript.dll

2013-11-13 10:56 . 2013-11-13 10:56        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-11-13 10:56 . 2013-11-13 10:56        74240        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-11-13 10:56 . 2013-11-13 10:56        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-11-13 10:56 . 2013-11-13 10:56        645120        ----a-w-        c:\windows\SysWow64\jsIntl.dll

2013-11-13 10:56 . 2013-11-13 10:56        626176        ----a-w-        c:\windows\system32\msfeeds.dll

2013-11-13 10:56 . 2013-11-13 10:56        62464        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-11-13 10:56 . 2013-11-13 10:56        62464        ----a-w-        c:\windows\system32\pngfilt.dll

2013-11-13 10:56 . 2013-11-13 10:56        61952        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll

2013-11-13 10:56 . 2013-11-13 10:56        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll

2013-11-13 10:56 . 2013-11-13 10:56        616104        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-11-13 10:56 . 2013-11-13 10:56        548352        ----a-w-        c:\windows\system32\vbscript.dll

2013-11-13 10:56 . 2013-11-13 10:56        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-11-13 10:56 . 2013-11-13 10:56        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll

2013-11-13 10:56 . 2013-11-13 10:56        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-11-13 10:56 . 2013-11-13 10:56        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-11-13 10:56 . 2013-11-13 10:56        48128        ----a-w-        c:\windows\system32\imgutil.dll

2013-11-13 10:56 . 2013-11-13 10:56        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-11-13 10:56 . 2013-11-13 10:56        453120        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-11-13 10:56 . 2013-11-13 10:56        413696        ----a-w-        c:\windows\system32\html.iec

2013-11-13 10:56 . 2013-11-13 10:56        40448        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 10:56 . 2013-11-13 10:56        36352        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-11-13 10:56 . 2013-11-13 10:56        34816        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-11-13 10:56 . 2013-11-13 10:56        337408        ----a-w-        c:\windows\SysWow64\html.iec

2013-11-13 10:56 . 2013-11-13 10:56        30208        ----a-w-        c:\windows\system32\licmgr10.dll

2013-11-13 10:56 . 2013-11-13 10:56        296960        ----a-w-        c:\windows\system32\dxtrans.dll

2013-11-13 10:56 . 2013-11-13 10:56        263376        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-11-13 10:56 . 2013-11-13 10:56        247808        ----a-w-        c:\windows\system32\msls31.dll

2013-11-13 10:56 . 2013-11-13 10:56        24576        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-11-13 10:56 . 2013-11-13 10:56        243200        ----a-w-        c:\windows\system32\webcheck.dll

2013-11-13 10:56 . 2013-11-13 10:56        235520        ----a-w-        c:\windows\system32\url.dll

2013-11-13 10:56 . 2013-11-13 10:56        235008        ----a-w-        c:\windows\system32\elshyph.dll

2013-11-13 10:56 . 2013-11-13 10:56        195584        ----a-w-        c:\windows\system32\msrating.dll

2013-11-13 10:56 . 2013-11-13 10:56        182272        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-11-13 10:56 . 2013-11-13 10:56        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-11-13 10:56 . 2013-11-13 10:56        151552        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-11-13 10:56 . 2013-11-13 10:56        147968        ----a-w-        c:\windows\system32\occache.dll

2013-11-13 10:56 . 2013-11-13 10:56        143872        ----a-w-        c:\windows\system32\wextract.exe

2013-11-13 10:56 . 2013-11-13 10:56        139264        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-11-13 10:56 . 2013-11-13 10:56        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-11-13 10:56 . 2013-11-13 10:56        135680        ----a-w-        c:\windows\system32\iepeers.dll

2013-11-13 10:56 . 2013-11-13 10:56        13312        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-11-13 10:56 . 2013-11-13 10:56        13312        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-11-13 10:56 . 2013-11-13 10:56        131072        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-11-13 10:56 . 2013-11-13 10:56        1228800        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-11-13 10:56 . 2013-11-13 10:56        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-11-13 10:56 . 2013-11-13 10:56        111616        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-11-13 10:56 . 2013-11-13 10:56        105984        ----a-w-        c:\windows\system32\iesysprep.dll

2013-11-13 10:56 . 2013-11-13 10:56        1051136        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-11-13 10:56 . 2013-11-13 10:56        101376        ----a-w-        c:\windows\system32\inseng.dll

2013-11-11 04:50 . 2012-10-11 14:38        267936        ------w-        c:\windows\system32\MpSigStub.exe

2013-10-31 09:09 . 2013-10-31 09:16        8946728        ----a-w-        c:\windows\system32\cdintf500_64.dll

2013-10-31 09:09 . 2013-10-31 09:16        7181352        ----a-w-        c:\windows\SysWow64\cdintf500.dll

2013-10-17 11:29 . 2013-10-17 11:29        4955176        ----a-w-        c:\windows\SysWow64\LxXtreme110.dll

2013-10-17 11:29 . 2013-10-17 11:29        28200        ----a-w-        c:\windows\SysWow64\LxTPSW100.dll

2013-10-17 11:29 . 2013-10-17 11:29        106536        ----a-w-        c:\windows\SysWow64\LxUISettingsN100.dll

2013-10-17 11:29 . 2013-10-17 11:29        65576        ----a-w-        c:\windows\SysWow64\LxPXTree100.dll

2013-10-17 11:29 . 2013-10-17 11:29        1340456        ----a-w-        c:\windows\SysWow64\LxTool112.dll

2013-10-17 11:29 . 2013-10-17 11:29        129576        ----a-w-        c:\windows\SysWow64\LxMail100.dll

2013-10-17 11:29 . 2013-10-17 11:29        51752        ----a-w-        c:\windows\SysWow64\LXCurr100.dll

2013-10-17 11:29 . 2013-10-17 11:29        70184        ----a-w-        c:\windows\SysWow64\LxCI12.dll

2013-10-17 11:29 . 2013-10-17 11:29        209960        ----a-w-        c:\windows\SysWow64\LxBasics100.dll

2013-10-14 17:00 . 2013-11-13 11:03        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE

2013-10-12 02:30 . 2013-11-13 15:04        830464        ----a-w-        c:\windows\system32\nshwfp.dll

2013-10-12 02:29 . 2013-11-13 15:04        859648        ----a-w-        c:\windows\system32\IKEEXT.DLL

2013-10-12 02:29 . 2013-11-13 15:04        324096        ----a-w-        c:\windows\system32\FWPUCLNT.DLL

2013-10-12 02:03 . 2013-11-13 15:04        656896        ----a-w-        c:\windows\SysWow64\nshwfp.dll

2013-10-12 02:01 . 2013-11-13 15:04        216576        ----a-w-        c:\windows\SysWow64\FWPUCLNT.DLL

2013-10-11 10:36 . 2013-10-11 10:36        51752        ----a-w-        c:\windows\SysWow64\FKStampPainter20.dll

2013-10-05 20:25 . 2013-11-13 15:05        1474048        ----a-w-        c:\windows\system32\crypt32.dll

2013-10-05 19:57 . 2013-11-13 15:05        1168384        ----a-w-        c:\windows\SysWow64\crypt32.dll

2013-10-04 02:28 . 2013-11-13 15:04        190464        ----a-w-        c:\windows\system32\SmartcardCredentialProvider.dll

2013-10-04 02:25 . 2013-11-13 15:04        197120        ----a-w-        c:\windows\system32\credui.dll

2013-10-04 02:24 . 2013-11-13 15:04        1930752        ----a-w-        c:\windows\system32\authui.dll

2013-10-04 01:58 . 2013-11-13 15:04        152576        ----a-w-        c:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56 . 2013-11-13 15:04        168960        ----a-w-        c:\windows\SysWow64\credui.dll

2013-10-04 01:56 . 2013-11-13 15:04        1796096        ----a-w-        c:\windows\SysWow64\authui.dll

2013-10-03 02:23 . 2013-11-13 15:05        404480        ----a-w-        c:\windows\system32\gdi32.dll

2013-10-03 02:00 . 2013-11-13 15:05        311808        ----a-w-        c:\windows\SysWow64\gdi32.dll

2013-09-28 01:09 . 2013-11-13 15:05        497152        ----a-w-        c:\windows\system32\drivers\afd.sys

2013-09-26 13:27 . 2013-09-26 13:27        76840        ----a-w-        c:\windows\SysWow64\LxDNTvm100.dll

2013-09-26 13:27 . 2013-09-26 13:27        321576        ----a-w-        c:\windows\SysWow64\LxDNT100.dll

2013-09-26 13:27 . 2013-09-26 13:27        140840        ----a-w-        c:\windows\SysWow64\LxDNTvmc100.dll

2013-09-25 02:26 . 2013-11-13 15:05        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys

2013-09-25 02:26 . 2013-11-13 15:05        154560        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys

2013-09-25 02:23 . 2013-11-13 15:05        135680        ----a-w-        c:\windows\system32\sspicli.dll

2013-09-25 02:23 . 2013-11-13 15:05        28672        ----a-w-        c:\windows\system32\sspisrv.dll

2013-09-25 02:23 . 2013-11-13 15:05        28160        ----a-w-        c:\windows\system32\secur32.dll

2013-09-25 02:22 . 2013-11-13 15:05        340992        ----a-w-        c:\windows\system32\schannel.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"F.lux"="c:\users\Nutzer\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]

"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]

"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]

"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]

"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-06 3568312]

.

c:\users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2012-2-24 549040]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/05/19 01:57;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]

R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]

R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]

R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]

S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]

S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]

S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]

S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]

S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*Deregistered* - CLKMDRV10_38F51D56

.

Inhalt des "geplante Tasks" Ordners

.

2013-12-13 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

2013-12-13 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-12-06 20:26        326944        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2011-05-25 07:09        227840        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2011-05-25 07:09        227840        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-06 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-06 398616]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-12-29 1014432]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-12-29 800416]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=hp&installDate={installDate}

mLocal Page = c:\windows\SysWOW64\blank.htm

uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=71461f0a-823a-4a87-8ad6-a9d5a5f931ea&searchtype=ds&q={searchTerms}&installDate={installDate}

TCP: Interfaces\{952061AE-52BE-43CD-A0C4-ED203E4903FF}: NameServer = 192.168.178.1

FF - ProfilePath - c:\users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - google.de

FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=b5407523-9d30-4afa-ade6-2dcf8cf63eec&affid=111583&searchtype=ds&babsrc=lnkry&q=

FF - ExtSQL: 2013-10-22 20:24; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - ExtSQL: 2013-11-08 22:39; YoutubeDownloader@PeterOlayev.com; c:\users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\u8rgr50n.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi

FF - ExtSQL: 2013-12-06 21:26; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

Wow6432Node-HKLM-Run-20131121 - c:\program files\AVAST Software\Avast\setup\emupdate\bd8b5be3-5c9e-458d-9149-36c4c4f4f270.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

AddRemove-Bochs 2.6.2 - c:\program files (x86)\Bochs-2.6.2\Uninstall.exe

AddRemove-Kain 2 - c:\windows\IsUn0407.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-2803969532-3586009099-3580304194-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:cc,7d,3f,ec,0f,a9,5f,68,80,19,3d,17,33,70,61,39,64,06,cd,27,e2,b2,25,

   f4,5e,fe,eb,0b,5e,8b,ac,a2,89,8d,65,d6,1c,42,c0,0c,47,04,be,cc,27,67,a3,73,\

"??"=hex:32,b2,0a,ee,2f,91,27,a2,29,9c,60,2f,22,1b,e9,c3

.

[HKEY_USERS\S-1-5-21-2803969532-3586009099-3580304194-1001\Software\SecuROM\License information*]

@Allowed: (Read) (RestrictedCode)

"datasecu"=hex:16,f3,a4,4f,70,ac,4d,76,28,d9,17,87,82,f6,db,d0,51,38,2f,22,e4,

   95,dd,d4,13,2f,1f,7c,b2,f9,10,d8,ee,44,64,70,65,6d,c8,02,44,87,ca,54,21,58,\

"rkeysecu"=hex:de,b6,88,f1,4a,ef,9e,a7,7b,a7,e0,ef,c4,ac,6c,b4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-12-14  10:55:09

ComboFix-quarantined-files.txt  2013-12-14 09:55

.

Vor Suchlauf: 15 Verzeichnis(se), 150.258.970.624 Bytes frei

Nach Suchlauf: 19 Verzeichnis(se), 150.607.466.496 Bytes frei

.

- - End Of File - - DEDA196114F2933FD87D3472B5632621

--- --- ---

lg