Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Internetseiten werden nicht komplett aufgebaut bzw. Anwendungen lassen sich nicht starten (https://www.trojaner-board.de/150200-internetseiten-komplett-aufgebaut-bzw-anwendungen-lassen-starten.html)

raute71 23.02.2014 20:29
Internetseiten werden nicht komplett aufgebaut bzw. Anwendungen lassen sich nicht starten
 
Hallo,

habe folgendes Problem.
Gestern funktionierten von jetzt auf gleich diverse Seiten bzw.
Anwendungen nicht mehr.
Als Beispiel.. aus Bild.de wird nur 1/4 der Seite dargestellt. Wenn ich
mich einloggen will,
zeigt er Benutzername und PW Eingabe aber einloggen kann ich mich
trotzdem nicht. Oben,
wo die "Hauptmeldungen sind und man noch die Möglichkleit hat andere
Meldungen anzuklcken,
springt er immer wieder nach ganz oben zum Seitenanfang..
Auf Comunio kann ich mich zwar einloggen, aber keine "Unterseiten" wie
z.B. Transfermarkt
aufmachen oder es kommt nur das Zeichen, das er arbeitet aber nichts
passiert...
Auf FB z.B. kann man keine kleinen Spiele, wie z.B. CandyCrush öffnen.

Jemand sagte es könnte sein, das die Festplatte einen Schaden hat..
Ich dachte ich frage einfach mal hier ob jemand einen Rat weiß.
Die Logs habe ich beigelegt. Hoffe jemand kann damit was anfangen...
ach ja auf meinem PC konnte ich die Datei nicht hochladen..

schrauber 24.02.2014 07:50
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

raute71 25.02.2014 09:00
hier nochmals die Logs..

Code:
efogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:36 on 23/02/2014 (Zerdrisch)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 01
Ran by Zerdrisch at 2014-02-23 19:41:52
Running from C:\Users\Zerdrisch\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0405.2205.37728 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0405.2205.37728 - Ihr Firmenname) Hidden
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 3.6.108 - Abelssoft)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.8.9.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Benutzerhandbuch EPSON XP-205 207 Series (HKLM-x32\...\EPSON XP-205 207 Series Useg) (Version:  - )
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{87C4B64E-7BC8-4FF9-91B3-6ADE6788B359}_is1) (Version: CLICK & LEARN DiDi 360° 4.3 DVD - DEGENER)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
District 187 (HKLM-x32\...\Steam App 221080) (Version:  - )
Download Navigator (HKLM-x32\...\{D0353B68-A142-4F89-A46E-1C9A7745D636}) (Version: 3.4.1 - SEIKO EPSON CORPORATION)
Driver Sweeper 1.5.5 (HKLM-x32\...\{0965D484-1777-4BA5-8C3A-095A6B0D2696}_is1) (Version:  - Phyxion.net - Guru3D.com)
Druckerdeinstallation für EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
EASEUS Partition Master 9.1.0 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version:  - EASEUS)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
G Data InternetSecurity 2014 (HKLM-x32\...\{7765322A-8601-47D3-AC60-B66677450D7B}) (Version: 24.0.3.4 - G Data Software AG)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden
Hotspot Shield 3.13 (HKLM-x32\...\HotspotShield) (Version: 3.13 - AnchorFree Inc.)
INsanes HUD and GUI 11 for dods beta (HKLM-x32\...\INsanes HUD and GUI) (Version: 11 for dods beta - dodbits)
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Live Update 5 (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.081 - MSI)
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Nero 11 (HKLM-x32\...\{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}) (Version: 11.0.11200 - Nero AG)
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.0.18000.19.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12500.24.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.15600.1.17 - Nero AG) Hidden
Nero CoverDesigner 11 (x32 Version: 6.0.10800.11.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.0.11900.24.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.10.24000.138.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Recode 11 (x32 Version: 5.0.13600.34.100 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (x32 Version: 8.0.14600.27.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (x32 Version: 6.0.11100.7.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Netzwerkhandbuch EPSON XP-205 207 Series (HKLM-x32\...\EPSON XP-205 207 Series Netg) (Version:  - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.75.420 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.70.1 - PS3 Media Server)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - )
Sound Blaster Tactic(3D) Alpha (HKLM-x32\...\{2226247D-9846-4370-A1EF-FAA6958F7632}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
SprayR 1.0 RC7b (HKLM-x32\...\SprayR) (Version: 1.0 RC7b - Jan 'neofrag' Willms)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Trials 2: Second Edition (HKLM-x32\...\Steam App 16600) (Version:  - RedLynx)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.2020.20 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.2020.20 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2020.20 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
welcome (x32 Version: 11.0.21500.0.4 - Nero AG) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2011-10-22 18:39 - 00000861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

Task: {042DD4FD-8AA1-4B3C-BDF7-B43D02E3ACAE} - System32\Tasks\{BF59A0DD-7476-4A69-81AA-8D05E918C779} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {0A312467-2D01-4396-B0BD-1FA906FBCA8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: {0A9B4B45-01A9-40ED-A4C1-CBA9CED87A98} - System32\Tasks\{209CB163-0AFF-46C7-9F88-186CA1B4E29F} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {0B05D80D-63A5-4F2A-9109-71FA04502E28} - System32\Tasks\{1C6A7AE8-C19F-47EE-862F-FE0EB35B2C19} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {1C1467EC-2865-4D91-B1FF-1ABA66A7FBC9} - System32\Tasks\{9B11214E-29B9-4DD1-9D56-FB21BC67A1F1} => E:\setup.exe
Task: {1D6C8468-DA5F-4DB4-9580-096BD857B29A} - System32\Tasks\{EA915DEB-CC94-4478-AA11-6A3DBBBD2721} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {22306F1B-4FB4-45B8-A383-9BC5B1C62BB3} - System32\Tasks\{4ACB408F-52C0-4149-A8E5-D076AAD81C9F} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {2FDCFCA5-74C4-4771-AE14-43A3CDC089A5} - System32\Tasks\{6D742100-5FBF-4B47-8F2C-92B27547E0FE} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {3098DE2F-F386-412E-800A-4467D723F87A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22] (Adobe Systems Incorporated)
Task: {35FC0267-4ECE-4D0C-843E-E2CCB5EE2AE9} - System32\Tasks\{674565A4-5215-4F84-9211-4D911191069C} => G:\Anno 1701\Anno1701.exe [2011-02-18] (Related Designs Software GmbH)
Task: {3FDD32D7-361F-44D7-9223-83BB29CBCA44} - System32\Tasks\{19AF4BC9-F5F6-42B8-9C20-879E76D31AC0} => G:\Anno 1701\Anno1701.exe [2011-02-18] (Related Designs Software GmbH)
Task: {4CB13CFB-4535-4515-80FA-0CE44D12238C} - System32\Tasks\{5B0917C0-3EFC-439E-956C-706EDC4C3ABF} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {4EAD9837-29C9-4673-A59F-96D2E6B8BE16} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {69A9B0B4-EBE0-425A-92B2-54F9FA327414} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => H:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {6ACDEFFC-F26E-4C48-9354-F066A90A8EBD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {797D9644-41A1-4B5A-AA51-9C7270C8295C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: {7CDEDDC6-4277-4124-A863-6C3DEDBEF4D8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {84F6894E-CDE1-45B9-BAE3-650BFB32E5BC} - System32\Tasks\{BD7B2391-BF00-42D9-93D3-E3ACC0A1696D} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {86814335-3BC1-4198-87E7-3E2DF3439124} - System32\Tasks\Amazon Music Helper => C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-01-14] ()
Task: {88B976AB-F8F3-4946-8A75-9716EB899D02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {A66AB5C9-3579-4939-9EEB-10C31856FCBE} - System32\Tasks\{33CF91C8-4F25-4AEA-9071-CF5D71E4B999} => G:\Anno 1701\Anno1701.exe [2011-02-18] (Related Designs Software GmbH)
Task: {A71AE6C7-9927-4578-AE6F-9D031461E53D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => H:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {BE8CC1C0-138F-4CAD-A911-0E0BCCCCF75F} - System32\Tasks\{69DBC658-FF29-45BB-B137-06D000089D0C} => C:\Users\Zerdrisch\Downloads\holly\HOLLY\KINO.EXE [1995-04-27] ()
Task: {D65A80E6-1CE1-4BB5-808A-40ACDB97F48E} - System32\Tasks\Logitech-Online-Aktualisierungsprogramm => F:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Task: {EBB105CC-8805-46CA-B910-6448820CEED3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => F:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2011-10-14] (TuneUp Software)
Task: {EE94DE58-0194-40D9-A3B4-1EF7F51F4DB8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => H:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-16 22:43 - 2013-08-16 22:43 - 00555304 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2013-08-14 09:31 - 2013-08-14 09:31 - 00335312 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 00037792 _____ () F:\Program Files (x86)\AntiBrowserSpy\AbCommons.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 06559648 _____ () F:\Program Files (x86)\AntiBrowserSpy\Commons.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 00174496 _____ () F:\Program Files (x86)\AntiBrowserSpy\AbBrowserLibs.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 00018848 _____ () F:\Program Files (x86)\AntiBrowserSpy\VersionInfo.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 00018848 _____ () F:\Program Files (x86)\AntiBrowserSpy\AbSettingsKeeper.dll
2011-10-22 18:34 - 2011-08-15 11:44 - 00012704 _____ () F:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2014-02-13 16:57 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2012-04-05 20:57 - 2012-04-05 20:57 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-04-05 21:00 - 2012-04-05 21:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-16 22:39 - 2013-08-16 22:39 - 00764200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-02-23 14:21 - 2012-08-23 10:38 - 00574840 _____ () H:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-23 14:21 - 2013-05-16 10:55 - 00113496 _____ () H:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-23 14:21 - 2013-05-16 10:55 - 00416600 _____ () H:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-23 14:21 - 2013-05-16 10:55 - 00161112 _____ () H:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-23 14:21 - 2012-04-03 17:06 - 00565640 _____ () H:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-02-16 21:03 - 2014-01-16 20:46 - 36967424 _____ () C:\Users\Zerdrisch\AppData\Roaming\Spotify\Data\libcef.dll
2014-02-23 14:04 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2014 02:01:50 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x704
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (02/23/2014 00:18:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x708
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (02/23/2014 02:45:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x700
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (02/22/2014 11:32:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4f7e4d8c
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x700
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (02/22/2014 03:43:12 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (02/21/2014 11:34:58 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (02/21/2014 09:12:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/21/2014 03:18:57 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (02/20/2014 05:45:01 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).

Error: (02/17/2014 09:29:19 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


System errors:
=============
Error: (02/23/2014 03:18:41 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AmdTools
hwinterface

Error: (02/23/2014 03:18:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2014 03:18:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2014 03:17:54 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/23/2014 02:03:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2014 02:03:04 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AmdTools
hwinterface

Error: (02/23/2014 02:03:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2014 02:02:28 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/23/2014 02:01:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/23/2014 02:01:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-23 15:18:13.238
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 15:18:13.035
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 14:02:49.750
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 14:02:49.547
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 12:19:27.503
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 12:19:27.300
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 11:39:42.909
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 11:39:42.722
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 01:06:12.450
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-23 01:06:12.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AmdTools64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 8191.18 MB
Available physical RAM: 5592.08 MB
Total Pagefile: 16380.54 MB
Available Pagefile: 13004.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.96 GB) (Free:17.83 GB) NTFS
Drive f: (Programme) (Fixed) (Total:98.08 GB) (Free:90.47 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:150.46 GB) (Free:89.59 GB) NTFS
Drive h: (Daten) (Fixed) (Total:130.91 GB) (Free:68.16 GB) NTFS
Drive i: (System) (Fixed) (Total:17.26 GB) (Free:4.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C25F01AA)

Partition: GPT Partition Type.

==================== End Of Log ============================



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 01
Ran by Zerdrisch (administrator) on LAURENZ on 23-02-2014 19:41:25
Running from C:\Users\Zerdrisch\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) F:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) F:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Malwarebytes Corporation) H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) H:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TuneUp Software) F:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) H:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) H:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(G Data Software AG) F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes Corporation) H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft) F:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
(Spotify Ltd) C:\Users\Zerdrisch\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Zerdrisch\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(G Data Software AG) F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(G Data Software AG) F:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Safer-Networking Ltd.) H:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TuneUp Software) F:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [134160 2007-09-21] (Logitech, Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [GDFirewallTray] - F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - F:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [SDTray] - H:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,f:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Run: [BrowserMask] - F:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101280 2011-08-15] (Microsoft)
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Run: [Spotify Web Helper] - C:\Users\Zerdrisch\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Run: [Spotify] - C:\Users\Zerdrisch\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Run: [Amazon Cloud Player] - C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2212520092-3213301106-2650113575-1001\...\MountPoints2: {37206845-f9a7-11e0-a96c-806e6f6e6963} - D:\setup.exe
IFEO\AcroRd32.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\anno1701.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\bonus.screenshotreader.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\ccleaner64.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\lightscribecontrolpanel.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\lslauncher.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\sprint.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "F:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC7B72A32C640CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
SearchScopes: HKCU - {36DF6DF7-281B-4f26-832E-D219D1B8C4D5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
SearchScopes: HKCU - {F029B4F8-D5DE-4f72-ACAC-C802D92A2215} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default
FF user.js: detected! => C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\user.js
FF DefaultSearchEngine: foxsearch
FF SearchEngineOrder.1: foxsearch
FF SelectedSearchEngine: foxsearch
FF Homepage: hxxp://search.conduit.com/?ctid=CT2468864&SearchSource=13
FF Keyword.URL: hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - F:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: BloodFire 3 - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\bloodfire@example.com [2011-10-18]
FF Extension: Adobe BrowserLab for Firebug - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\browserlab@adobe.com [2012-03-30]
FF Extension: FRITZ!Box AddOn - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\fb_add_on@avm.de [2013-04-12]
FF Extension: No Name - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\nostmp [2011-10-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-10]
FF Extension: NoScript - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-10-18]
FF Extension: SVG Colors - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\{c09397ad-61b8-4fcf-b199-54bcfb91c380}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Zerdrisch\AppData\Roaming\Mozilla\Firefox\Profiles\gl81lg40.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-08-24]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-05-09]

==================== Services (Whitelisted) =================

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; F:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; F:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R3 GDFwSvc; F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [852264 2013-08-16] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-08-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-08-16] ()
R2 MBAMScheduler; H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 SDScannerService; H:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; H:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; H:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; F:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2072896 2011-10-14] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S1 AmdTools; C:\Windows\System32\DRIVERS\AmdTools64.sys [38912 2006-02-23] (AMD, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138872 2011-12-04] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138872 2011-12-04] (SlySoft, Inc.)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-27] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-27] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31448 2011-10-19] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-09-27] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-10-23] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-01] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-27] (G Data Software AG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-08-13] (AnchorFree Inc.)
S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [2996 2011-12-27] (Buzz)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MSI_MSIBIOS_010507; F:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [33592 2010-05-10] (Your Corporation)
S3 NTIOLib_1_0_4; F:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7599vHI0\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 RecFltr; C:\Windows\System32\drivers\RecFltr.sys [45440 2007-01-18] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; F:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-10-13] (TuneUp Software)
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz130; \??\C:\Users\ZERDRI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
S3 SANDRA; \??\I:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-23 19:41 - 2014-02-23 19:41 - 00021770 _____ () C:\Users\Zerdrisch\Downloads\FRST.txt
2014-02-23 19:40 - 2014-02-23 19:41 - 00000000 ____D () C:\FRST
2014-02-23 19:39 - 2014-02-23 19:40 - 02155520 _____ (Farbar) C:\Users\Zerdrisch\Downloads\FRST64.exe
2014-02-23 19:36 - 2014-02-23 19:36 - 00000480 _____ () C:\Users\Zerdrisch\Downloads\defogger_disable.log
2014-02-23 19:36 - 2014-02-23 19:36 - 00000000 _____ () C:\Users\Zerdrisch\defogger_reenable
2014-02-23 19:31 - 2014-02-23 19:31 - 00380416 _____ () C:\Users\Zerdrisch\Downloads\Gmer-19357.exe
2014-02-23 19:29 - 2014-02-23 19:29 - 00050477 _____ () C:\Users\Zerdrisch\Downloads\Defogger.exe
2014-02-23 14:21 - 2014-02-23 15:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-23 14:21 - 2014-02-23 14:21 - 00001089 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-23 14:21 - 2014-02-23 14:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-23 14:21 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-23 14:20 - 2014-02-23 14:20 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Zerdrisch\Downloads\spybot-2.2.25.exe
2014-02-23 14:05 - 2014-02-23 14:05 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-23 14:04 - 2014-02-23 14:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-23 13:59 - 2014-02-23 13:59 - 00283256 _____ (Mozilla) C:\Users\Zerdrisch\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-23 12:19 - 2014-02-23 12:19 - 00000418 _____ () C:\Windows\PFRO.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000825 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Roaming\Malwarebytes
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 12:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-23 12:00 - 2014-02-23 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zerdrisch\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 11:56 - 2014-02-23 11:56 - 00000676 _____ () C:\Users\Zerdrisch\Desktop\HD Tune.lnk
2014-02-23 11:55 - 2014-02-23 11:55 - 00642632 _____ (EFD Software ) C:\Users\Zerdrisch\Downloads\hdtune_255.exe
2014-02-23 01:05 - 2014-02-23 01:05 - 00003544 ____N () C:\bootsqm.dat
2014-02-22 22:35 - 2014-02-23 15:18 - 00000336 _____ () C:\Windows\setupact.log
2014-02-22 22:35 - 2014-02-22 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 21:50 - 2014-02-22 21:50 - 04721920 _____ (Piriform Ltd) C:\Users\Zerdrisch\Downloads\ccsetup410.exe
2014-02-20 16:24 - 2014-02-21 15:32 - 00040448 _____ () C:\Users\Zerdrisch\Desktop\ALTelefonliste 13_14.xls
2014-02-20 16:24 - 2014-02-20 17:32 - 00014628 _____ () C:\Users\Zerdrisch\Desktop\AL Telefon.xlsx
2014-02-13 16:57 - 2014-02-13 16:57 - 00001634 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-02-13 16:57 - 2014-02-13 16:57 - 00001231 _____ () C:\Users\Zerdrisch\Desktop\Amazon Cloud Player.lnk
2014-02-13 16:57 - 2014-02-13 16:57 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-02-13 16:57 - 2014-02-13 16:57 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player
2014-02-13 16:56 - 2014-02-13 16:56 - 36160080 _____ (Amazon) C:\Users\Zerdrisch\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-02-12 21:19 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 21:19 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 21:19 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 21:19 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 21:19 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 21:19 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 21:19 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 21:19 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 21:19 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 21:19 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 21:19 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 21:19 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 21:19 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 21:19 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 21:19 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 21:19 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 21:19 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 21:19 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 21:19 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 21:19 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 21:19 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 21:19 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 21:19 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 21:19 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 21:19 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 21:19 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 21:19 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 21:19 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 21:19 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 21:19 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 21:19 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 21:19 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 21:19 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 21:19 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 21:19 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 21:19 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 21:19 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 21:19 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 21:19 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 21:19 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 21:19 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 15:58 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 15:58 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 15:58 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 15:58 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 15:58 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 15:58 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 15:58 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 15:58 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 15:58 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 15:58 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 15:58 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 15:58 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 15:58 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 15:58 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 15:58 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 15:58 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 15:58 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 15:58 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 15:58 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 15:58 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 15:58 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 15:58 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 15:58 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 15:58 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 15:58 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 15:58 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 15:58 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 15:58 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 20:11 - 2014-02-09 20:11 - 02960288 _____ () C:\Users\Zerdrisch\Downloads\FRITZ!BoxAddOnIE64_German.exe
2014-02-08 17:35 - 2014-02-08 17:35 - 00000833 _____ () C:\Users\Zerdrisch\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2014-01-29 01:18 - 2014-02-12 21:20 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-28 15:31 - 2014-01-28 15:31 - 00000000 ____D () C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

2014-02-23 19:41 - 2014-02-23 19:41 - 00021770 _____ () C:\Users\Zerdrisch\Downloads\FRST.txt
2014-02-23 19:41 - 2014-02-23 19:40 - 00000000 ____D () C:\FRST
2014-02-23 19:40 - 2014-02-23 19:39 - 02155520 _____ (Farbar) C:\Users\Zerdrisch\Downloads\FRST64.exe
2014-02-23 19:36 - 2014-02-23 19:36 - 00000480 _____ () C:\Users\Zerdrisch\Downloads\defogger_disable.log
2014-02-23 19:36 - 2014-02-23 19:36 - 00000000 _____ () C:\Users\Zerdrisch\defogger_reenable
2014-02-23 19:36 - 2011-10-18 18:01 - 00000000 ____D () C:\Users\Zerdrisch
2014-02-23 19:31 - 2014-02-23 19:31 - 00380416 _____ () C:\Users\Zerdrisch\Downloads\Gmer-19357.exe
2014-02-23 19:29 - 2014-02-23 19:29 - 00050477 _____ () C:\Users\Zerdrisch\Downloads\Defogger.exe
2014-02-23 19:12 - 2013-04-04 21:34 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-23 19:12 - 2013-04-04 21:34 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-23 19:01 - 2009-07-14 05:45 - 00034464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 19:01 - 2009-07-14 05:45 - 00034464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 18:56 - 2011-10-18 17:38 - 01781678 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 18:55 - 2012-09-15 18:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 15:37 - 2013-02-16 21:03 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Roaming\Spotify
2014-02-23 15:18 - 2014-02-22 22:35 - 00000336 _____ () C:\Windows\setupact.log
2014-02-23 15:18 - 2012-04-24 18:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 15:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 15:14 - 2014-02-23 14:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-23 14:21 - 2014-02-23 14:21 - 00001089 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-23 14:21 - 2014-02-23 14:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-23 14:20 - 2014-02-23 14:20 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Zerdrisch\Downloads\spybot-2.2.25.exe
2014-02-23 14:05 - 2014-02-23 14:05 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-23 14:05 - 2014-02-23 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-23 13:59 - 2014-02-23 13:59 - 00283256 _____ (Mozilla) C:\Users\Zerdrisch\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-23 12:19 - 2014-02-23 12:19 - 00000418 _____ () C:\Windows\PFRO.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000825 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Roaming\Malwarebytes
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-23 12:00 - 2014-02-23 12:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zerdrisch\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 11:56 - 2014-02-23 11:56 - 00000676 _____ () C:\Users\Zerdrisch\Desktop\HD Tune.lnk
2014-02-23 11:55 - 2014-02-23 11:55 - 00642632 _____ (EFD Software ) C:\Users\Zerdrisch\Downloads\hdtune_255.exe
2014-02-23 02:13 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-23 01:05 - 2014-02-23 01:05 - 00003544 ____N () C:\bootsqm.dat
2014-02-22 22:42 - 2012-09-15 18:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 22:42 - 2012-04-01 18:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 22:42 - 2011-10-18 18:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 22:41 - 2011-10-18 20:13 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Local\Adobe
2014-02-22 22:35 - 2014-02-22 22:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 22:34 - 2012-11-01 18:33 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-22 21:56 - 2011-10-18 18:34 - 00000000 ____D () C:\Windows\Panther
2014-02-22 21:51 - 2012-11-01 18:33 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-22 21:51 - 2012-11-01 18:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-22 21:50 - 2014-02-22 21:50 - 04721920 _____ (Piriform Ltd) C:\Users\Zerdrisch\Downloads\ccsetup410.exe
2014-02-21 21:26 - 2013-02-16 21:03 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Local\Spotify
2014-02-21 21:13 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 21:13 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 21:13 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 15:32 - 2014-02-20 16:24 - 00040448 _____ () C:\Users\Zerdrisch\Desktop\ALTelefonliste 13_14.xls
2014-02-20 17:32 - 2014-02-20 16:24 - 00014628 _____ () C:\Users\Zerdrisch\Desktop\AL Telefon.xlsx
2014-02-20 16:29 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-17 21:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-17 19:07 - 2013-04-04 21:34 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 19:07 - 2013-04-04 21:34 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 23:17 - 2013-08-14 13:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 23:16 - 2011-10-20 19:37 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 16:57 - 2014-02-13 16:57 - 00001634 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-02-13 16:57 - 2014-02-13 16:57 - 00001231 _____ () C:\Users\Zerdrisch\Desktop\Amazon Cloud Player.lnk
2014-02-13 16:57 - 2014-02-13 16:57 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-02-13 16:57 - 2014-02-13 16:57 - 00000000 ____D () C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player
2014-02-13 16:56 - 2014-02-13 16:56 - 36160080 _____ (Amazon) C:\Users\Zerdrisch\Downloads\AmazonCloudPlayerInstaller_422.exe
2014-02-12 21:20 - 2014-01-29 01:18 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 15:54 - 2014-01-21 17:54 - 00004096 _____ () C:\Users\Public\Documents\00003156.LCS
2014-02-09 20:11 - 2014-02-09 20:11 - 02960288 _____ () C:\Users\Zerdrisch\Downloads\FRITZ!BoxAddOnIE64_German.exe
2014-02-08 17:35 - 2014-02-08 17:35 - 00000833 _____ () C:\Users\Zerdrisch\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2014-02-06 13:16 - 2014-02-12 21:19 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 21:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 21:19 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 21:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 21:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 21:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 21:19 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 21:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 21:19 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 21:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 21:19 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 21:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 21:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 21:19 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 21:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 21:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 21:19 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 21:19 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 21:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 21:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 21:19 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 21:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 21:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 21:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 21:19 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 21:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 21:19 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 21:19 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 21:19 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 21:19 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 21:19 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 21:19 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 21:19 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 21:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 21:19 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 21:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-28 15:31 - 2014-01-28 15:31 - 00000000 ____D () C:\ProgramData\McAfee

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-21 14:50

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---



Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-23 19:56:06
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD502HJ rev.1AJ10001 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\ZERDRI~1\AppData\Local\Temp\uxrdapob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe[1544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                            00000000753c1465 2 bytes [3C, 75]
.text    C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe[1544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                            00000000753c14bb 2 bytes [3C, 75]
.text    ...                                                                                                                                                                                                          * 2
.text    H:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                                  00000000753c1465 2 bytes [3C, 75]
.text    H:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2132] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                                00000000753c14bb 2 bytes [3C, 75]
.text    ...                                                                                                                                                                                                          * 2
.text    F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[4244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                      00000000753c1465 2 bytes [3C, 75]
.text    F:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[4244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                    00000000753c14bb 2 bytes [3C, 75]
.text    ...                                                                                                                                                                                                          * 2
.text    C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                            00000000753c1465 2 bytes [3C, 75]
.text    C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                            00000000753c14bb 2 bytes [3C, 75]
.text    ...                                                                                                                                                                                                          * 2
---- Processes - GMER 2.1 ----

Process  C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE (*** suspicious ***) @ C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2008] (EPSON Status Monitor 3/SEIKO EPSON CORPORATION)(2011-11-02 16:22:40)                0000000000400000
Process  C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (*** suspicious ***) @ C:\Users\Zerdrisch\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2480](2014-02-13 15:57:04)  0000000001270000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158354cdac                                                                                                                                 
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158354cdac@c88447115c0e                                                                                                                      0x26 0x40 0x01 0x8A ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158354cdac (not active ControlSet)                                                                                                             
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158354cdac@c88447115c0e                                                                                                                          0x26 0x40 0x01 0x8A ...

---- EOF - GMER 2.1 ----
...ich hole es einfach nochmal nach vorne...

schrauber 26.02.2014 10:10
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

raute71 27.02.2014 21:46
ausgeführt...

leider bekomme ich, egal wo ich draufklicke, die Meldung...

"der datei ist kein programm zum ausführen der aktion zugeordnet. installieren sie ein
entsprechendes programm, oder erstellen sie in der systemsteuerung unter "standardprogramme", eine zuordnung, wenn bereits ein programm installiert ist."

nach dem OK drücken, will er die Verknüpfung dann löschen... :(

schrauber 28.02.2014 20:18
Seit dem Lauf von Combofix oder wenn Du CF laufen lassen willst?


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:09 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131