Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Windows 8.1 - SpyBot findet Maleware C Toolbar Montera (https://www.trojaner-board.de/146096-windows-8-1-spybot-findet-maleware-c-toolbar-montera.html)

19mario76 14.12.2013 20:09
Windows 8.1 - SpyBot findet Maleware C Toolbar Montera
 
Leider bekommt der SpyBot die gefundene Maleware nicht wirklich weg und ich würde gerne wieder mit einem Maleware, Vieren oder Trojaner Software freien System arbeiten.

Daher suche ich hier eure Hilfe!

Ich habe nun alle Log-Files und hier sind sie...
Musse sie wie Beschrieben als Anhang anbei packen, weil der Breitrag leider gesprengt wurde von der länge.

Habe mich bemüht alle Board Regeln zu beachten aber nun wohl einen zweiten Beitrag
erstellt sorry vielmals dafür ich ich hoffe ich bekomme noch Hilfe.

hier der erste....
http://www.trojaner-board.de/146065-...entfernen.html

Hier sind jedenfalls nun alle geforderten log Files enthalten

lg
mario

schrauber 14.12.2013 22:44
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

19mario76 14.12.2013 22:59
ok, ich leg mal los und post in der Reihenfolge wie ich die Logfiles erstellt habe.

zu erst der Log des SpyBots
Code:
Search results from Spybot - Search & Destroy

14.12.2013 10:46:22
Scan took 00:14:56.
28 items found.

Delta.Toolbar: [SBI $15E43F9C] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr

Delta.Toolbar: [SBI $1E0125E9] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Delta

Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\escort.DLL

Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\escort.DLL

Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane

Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1

Montera.Toolbar: [SBI $07586C96] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8E43B96-EB46-4820-92B7-232AEB735685}

Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane.1

Montera.Toolbar: [SBI $07586C96] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\escort.escortIEPane

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Mario\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GUDS4W5B\www.paypalobjects.com\paypalLSO.sol
  Properties.size=111
  Properties.md5=0D4E69A7B839B467D7C971CC9235B204
  Properties.filedate=1386971666
  Properties.filedatetext=2013-12-13 22:54:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Mario\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GUDS4W5B\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1386971636
  Properties.filedatetext=2013-12-13 22:53:56

DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

MediaPlex: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

MediaPlex: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

MediaPlex: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

Statcounter: [SBI $19447DDC] Tracking cookie (Firefox: Mario (default)) (Browser: Cookie, nothing done)
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1350587004-1826613761-2893582637-1004\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1350587004-1826613761-2893582637-1004\Software\Microsoft\DirectInput\MostRecentApplication\Id

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
 

Cache: [SBI $49804B54] Browser: Cache (43) (Browser: Cache, nothing done)
 

History: [SBI $49804B54] Browser: History (3) (Browser: History, nothing done)
 

Cookie: [SBI $49804B54] Browser: Cookie (148) (Browser: Cookie, nothing done)
 


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-12-13 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-12 Includes\Adware.sbi (*)
2013-12-10 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-11-19 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-12-10 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-12-03 Includes\TrojansC-03.sbi (*)
2013-10-22 Includes\TrojansC-04.sbi (*)
2013-12-10 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
dann hab ich auf anweisung zum ersten mal mit dem FRST die zwei Dateien erstelle

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by Mario (ATTENTION: The logged in user is not administrator) on FERRARI on 14-12-2013 11:19:29
Running from C:\Users\Mario\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\RunOnce: [LaunchWebURL] - C:\ProgramData\LaunchURL.bat [142 2013-10-27] ()
HKLM\...\RunOnce: [BrowserChoice] - C:\WINDOWS\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKCU\...\Run: [Plex Media Server] - D:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4014760 2013-04-03] (Plex, Inc.)
HKCU\...\Run: [icq] - C:\Users\Mario\AppData\Roaming\ICQM\icq.exe [28698984 2013-10-11] (ICQ)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-11-30] (Bitleader)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AllShare Control] - D:\Program Files (x86)\Samsung\AllShare Control\AllShare Control
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1395F067C5F7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=1EC484A6C8363E55&affID=121565&tt=160913_c1&tsp=5013
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: about:home
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - d:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\ich@maltegoetz.de
FF Extension: Flagfox - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: artur.dubovoy - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: elemhidehelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: jid1-cwbvBTE216jjpg - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
R2 SDScannerService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-27] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131213.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131213.018\ENG64.SYS [126040 2013-12-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131213.018\EX64.SYS [2099288 2013-12-11] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-14 11:19 - 2013-12-14 11:19 - 00017548 _____ C:\Users\Mario\Downloads\FRST.txt
2013-12-14 11:19 - 2013-12-14 11:19 - 00000000 ____D C:\FRST
2013-12-14 11:16 - 2013-12-14 11:16 - 01927462 _____ (Farbar) C:\Users\Mario\Downloads\FRST64.exe
2013-12-14 10:45 - 2013-12-14 10:46 - 00000000 ____D C:\Users\Mario\Desktop\Maleware - Toolbar Montera
2013-12-13 12:50 - 2013-12-13 12:52 - 00015346 _____ C:\Users\Mario\Documents\RA_Hermans_13.12.2012.odt
2013-12-13 05:55 - 2013-12-13 05:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-13 05:55 - 2013-12-13 05:55 - 00001133 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-13 05:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2013-12-13 05:53 - 2013-12-13 05:53 - 40658208 _____ (Safer-Networking Ltd.                                      ) C:\Users\Mario\Downloads\spybot-2.2.exe
2013-12-11 22:08 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 22:08 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 22:08 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 22:08 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 22:08 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 22:08 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 22:08 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 22:08 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-11 22:08 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 22:08 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-11 22:08 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 22:08 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 22:08 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 22:08 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-11 22:08 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-11 22:08 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 22:08 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 22:08 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-11 22:08 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-11 22:08 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-11 22:08 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-11 22:08 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 22:08 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 22:08 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 22:08 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 22:07 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-11 22:07 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-11 22:07 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-11 22:07 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-06 18:00 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Mario\dwhelper
2013-12-02 23:56 - 2013-12-02 23:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-28 14:41 - 2013-11-28 14:50 - 00011204 _____ C:\Users\Mario\Documents\Wochenmenüplan.odt
2013-11-22 17:56 - 2013-11-22 17:57 - 00016829 _____ C:\WINDOWS\DirectX.log
2013-11-22 17:31 - 2013-11-22 17:31 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-22 17:30 - 2013-11-22 17:30 - 00000219 _____ C:\Users\Mario\Desktop\Dota 2.url
2013-11-18 20:26 - 2013-11-18 20:26 - 00000000 ____D C:\ProgramData\McAfee
2013-11-16 20:33 - 2013-11-16 20:33 - 00000000 ____D C:\Users\Mario\AppData\Local\TechSmith
2013-11-16 20:27 - 2013-11-25 13:13 - 00006656 _____ C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-16 20:14 - 2013-11-25 13:24 - 00000000 ____D C:\Users\Mario\Documents\Camtasia Studio
2013-11-16 20:14 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\AppData\Roaming\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000978 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-11-16 19:57 - 2013-11-16 19:58 - 251749736 _____ C:\Users\Mario\Downloads\camtasiade_8.1.2.exe
2013-11-15 21:23 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-15 21:23 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-15 21:23 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-15 21:23 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-15 21:22 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-15 21:22 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-15 21:22 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-15 21:22 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-15 21:22 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-15 21:22 - 2013-11-05 15:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-15 21:22 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-15 21:22 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-15 21:22 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-15 21:22 - 2013-10-23 06:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-15 21:22 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-15 21:22 - 2013-10-23 05:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-15 21:22 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-15 21:22 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-15 21:22 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-15 21:22 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-15 21:22 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-15 21:22 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-15 21:22 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-15 21:22 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-15 21:22 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-15 21:22 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-15 21:22 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-15 21:22 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-15 21:22 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-15 21:22 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-15 21:22 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-15 21:22 - 2013-10-19 10:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-15 21:22 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-15 21:22 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-15 21:22 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-15 21:22 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-15 21:22 - 2013-10-19 04:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-15 21:22 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-15 21:22 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-15 21:22 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-15 21:22 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-15 21:22 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-15 21:22 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-15 21:22 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-15 21:22 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-15 21:22 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-15 21:22 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-15 21:22 - 2013-10-11 16:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-15 21:22 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-15 21:22 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-15 21:22 - 2013-10-11 14:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-15 21:22 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-15 21:22 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-15 21:22 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-15 21:22 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-15 21:22 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-15 21:22 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-15 21:22 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-15 21:22 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-15 21:22 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-15 21:22 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-15 21:22 - 2013-10-10 11:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-15 21:22 - 2013-10-10 11:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-15 21:22 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-15 21:22 - 2013-10-08 12:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-15 21:22 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-15 21:22 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-15 21:22 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-15 21:22 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-15 21:22 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-15 21:22 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-15 21:22 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-15 21:22 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-15 21:22 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-15 21:22 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-15 21:22 - 2013-10-07 08:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-15 21:22 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-15 21:22 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-15 21:22 - 2013-10-05 16:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-15 21:22 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-15 21:22 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-15 21:22 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-15 21:22 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-15 21:22 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-15 21:22 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-15 21:22 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-15 21:22 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-15 21:22 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-15 21:22 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-15 21:22 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-15 21:22 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-15 21:22 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-15 21:22 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-15 21:22 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-15 21:22 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-15 21:22 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-15 21:22 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-15 21:22 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-15 21:22 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-15 21:22 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-15 21:22 - 2013-09-17 08:01 - 00270848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-11-15 21:22 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-15 21:22 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-15 21:22 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-15 21:22 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-15 21:22 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-15 21:22 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-15 21:22 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-15 21:22 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-15 21:22 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-15 21:22 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-15 21:22 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-15 21:22 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-15 21:22 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-15 21:22 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-15 21:22 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-15 21:22 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-15 21:22 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-15 21:22 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-15 21:22 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-15 21:22 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-15 21:22 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-15 21:22 - 2013-09-11 13:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-15 21:22 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-15 21:22 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-15 21:22 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2013-12-14 11:19 - 2013-12-14 11:19 - 00017548 _____ C:\Users\Mario\Downloads\FRST.txt
2013-12-14 11:19 - 2013-12-14 11:19 - 00000000 ____D C:\FRST
2013-12-14 11:16 - 2013-12-14 11:16 - 01927462 _____ (Farbar) C:\Users\Mario\Downloads\FRST64.exe
2013-12-14 11:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-14 10:46 - 2013-12-14 10:45 - 00000000 ____D C:\Users\Mario\Desktop\Maleware - Toolbar Montera
2013-12-14 10:38 - 2012-11-29 19:49 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001UA.job
2013-12-14 10:34 - 2013-03-05 05:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-14 09:34 - 2012-12-06 23:53 - 00336896 ___SH C:\Users\Mario\Downloads\Thumbs.db
2013-12-14 09:18 - 2013-10-27 16:35 - 01973485 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-14 08:52 - 2013-09-30 05:14 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-14 08:52 - 2013-09-30 04:56 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-14 08:52 - 2013-09-30 04:56 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-14 08:21 - 2013-02-19 19:23 - 00041075 _____ C:\WINDOWS\system32\lvcoinst.log
2013-12-14 08:20 - 2013-09-02 13:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 08:20 - 2012-12-23 12:05 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-14 07:10 - 2013-06-03 00:04 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-14 07:07 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-13 20:00 - 2013-06-03 09:18 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2013-12-13 19:38 - 2012-11-29 19:49 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001Core.job
2013-12-13 12:52 - 2013-12-13 12:50 - 00015346 _____ C:\Users\Mario\Documents\RA_Hermans_13.12.2012.odt
2013-12-13 12:02 - 2013-08-22 15:44 - 00388256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 05:58 - 2013-12-13 05:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-13 05:55 - 2013-12-13 05:55 - 00001133 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-13 05:55 - 2012-12-02 17:13 - 00026112 ___SH C:\Users\Mario\Desktop\Thumbs.db
2013-12-13 05:53 - 2013-12-13 05:53 - 40658208 _____ (Safer-Networking Ltd.                                      ) C:\Users\Mario\Downloads\spybot-2.2.exe
2013-12-13 00:00 - 2012-12-01 19:29 - 00000000 ____D C:\Users\Mario\AppData\Local\PokerStars.EU
2013-12-12 09:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-12 03:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-11 13:06 - 2013-10-29 11:44 - 00005794 _____ C:\WINDOWS\PFRO.log
2013-12-09 20:04 - 2012-11-29 20:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-09 17:35 - 2013-12-06 18:00 - 00000000 ____D C:\Users\Mario\dwhelper
2013-12-08 18:06 - 2013-10-28 17:39 - 00006154 _____ C:\WINDOWS\setupact.log
2013-12-06 18:00 - 2013-10-24 22:22 - 00000000 ____D C:\Users\Mario
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 11:18 - 2012-12-01 12:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 23:56 - 2013-12-02 23:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 23:01 - 2013-02-19 19:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Skype
2013-12-02 17:51 - 2012-11-30 17:32 - 00000000 ____D C:\Users\Mario\AppData\Local\Packages
2013-11-28 14:50 - 2013-11-28 14:41 - 00011204 _____ C:\Users\Mario\Documents\Wochenmenüplan.odt
2013-11-26 12:54 - 2013-12-11 22:08 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-11 22:08 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-11 22:08 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-11 22:08 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 22:08 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-11 22:08 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-11 22:08 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 22:08 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 22:08 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 22:08 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 22:08 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 22:08 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 22:08 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 22:08 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 22:08 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 22:08 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 22:08 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 16:49 - 2013-02-20 00:37 - 00000000 ____D C:\Users\Mario\Documents\Youcam
2013-11-25 13:24 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\Documents\Camtasia Studio
2013-11-25 13:13 - 2013-11-16 20:27 - 00006656 _____ C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-25 13:04 - 2013-02-19 19:23 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-23 19:25 - 2012-11-30 00:19 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 05:34 - 2013-12-11 22:08 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-23 05:13 - 2013-12-11 22:08 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-11-23 04:32 - 2013-12-11 22:08 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-23 04:10 - 2013-12-11 22:08 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-11-22 17:57 - 2013-11-22 17:56 - 00016829 _____ C:\WINDOWS\DirectX.log
2013-11-22 17:31 - 2013-11-22 17:31 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-22 17:30 - 2013-11-22 17:30 - 00000219 _____ C:\Users\Mario\Desktop\Dota 2.url
2013-11-22 17:30 - 2012-12-04 18:16 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-18 20:26 - 2013-11-18 20:26 - 00000000 ____D C:\ProgramData\McAfee
2013-11-18 20:04 - 2012-11-30 17:32 - 00000000 ___RD C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-18 20:04 - 2012-11-30 17:32 - 00000000 ___RD C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-16 20:33 - 2013-11-16 20:33 - 00000000 ____D C:\Users\Mario\AppData\Local\TechSmith
2013-11-16 20:14 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\AppData\Roaming\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000978 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-11-16 19:58 - 2013-11-16 19:57 - 251749736 _____ C:\Users\Mario\Downloads\camtasiade_8.1.2.exe

Files to move or delete:
====================
C:\ProgramData\LaunchURL.bat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---


addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2013 01
Ran by Mario at 2013-12-14 11:19:43
Running from C:\Users\Mario\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

@BIOS (x32 Version: 2.28)
µTorrent (HKCU Version: 3.3.1.30017)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Age of Empires Online (x32)
AllShare Control (x32 Version: 1.5)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Camtasia Studio 8 (x32 Version: 8.1.2.1344)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589)
CCC Help Czech (x32 Version: 2013.0830.1943.33589)
CCC Help Danish (x32 Version: 2013.0830.1943.33589)
CCC Help Dutch (x32 Version: 2013.0830.1943.33589)
CCC Help English (x32 Version: 2013.0830.1943.33589)
CCC Help Finnish (x32 Version: 2013.0830.1943.33589)
CCC Help French (x32 Version: 2013.0830.1943.33589)
CCC Help German (x32 Version: 2013.0830.1943.33589)
CCC Help Greek (x32 Version: 2013.0830.1943.33589)
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589)
CCC Help Italian (x32 Version: 2013.0830.1943.33589)
CCC Help Japanese (x32 Version: 2013.0830.1943.33589)
CCC Help Korean (x32 Version: 2013.0830.1943.33589)
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589)
CCC Help Polish (x32 Version: 2013.0830.1943.33589)
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589)
CCC Help Russian (x32 Version: 2013.0830.1943.33589)
CCC Help Spanish (x32 Version: 2013.0830.1943.33589)
CCC Help Swedish (x32 Version: 2013.0830.1943.33589)
CCC Help Thai (x32 Version: 2013.0830.1943.33589)
CCC Help Turkish (x32 Version: 2013.0830.1943.33589)
ccc-utility64 (Version: 2013.0830.1944.33589)
CCleaner (Version: 3.26)
Deus Ex: Human Revolution (x32)
DiRT Showdown (x32)
Dota 2 (x32)
DRIV3R (x32 Version: 1.00.000)
Easy Tune 6 B12.0912.1 (x32 Version: 1.00.0000)
Endless Space (x32)
erLT (x32 Version: 1.20.0137)
EVEREST Corporate Edition v5.50 (x32 Version: 5.50)
Far Cry 3 (x32 Version: 1.04)
FileRestorePlus™ 3.0.4.513 (x32)
Foxit Reader (x32 Version: 5.4.4.1023)
Free Studio version 2013 (x32 Version: 6.1.11.827)
Free Video Call Recorder for Skype version 1.2.3.827 (x32 Version: 1.2.3.827)
FreeRIP MP3 Converter 4.4.1 (x32 Version: 4.4.1)
Hitman: Absolution (x32)
iCloud (Version: 3.1.0.40)
ICQ 8.1 (build 6337) (HKCU Version: 8.1.6337.0)
Intel PROSet Wireless
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.0.0344)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.6.1209.0268)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.2000.1462)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 9 (x32 Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.0)
JDownloader 2 (Version: 2.0)
LG Burning Tool (x32 Version: 6.2.6009)
LG CyberLink BD Advisor (x32 Version: 2.0.4606)
LG CyberLink LabelPrint (x32 Version: 2.5.3624)
LG CyberLink Media Suite (x32 Version: 8.0.2820)
LG CyberLink MediaEspresso (x32 Version: 6.5.1622_37397b)
LG CyberLink MediaShow (x32 Version: 4.1.3402)
LG CyberLink PowerBackup (x32 Version: 2.5.6023)
LG CyberLink PowerDVD (x32 Version: 10.0.3424.52)
LG CyberLink PowerProducer (x32 Version: 5.0.2.2820a)
LG CyberLink YouCam (x32 Version: 2.0.3718)
LG Tool Kit (x32 Version: 10.01.0712.01)
LibreOffice 3.6 (x32 Version: 3.6.6.2)
LightScribe System Software (x32 Version: 1.18.22.2)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
MotoGP™13 Demo (x32)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Need for Speed™ Most Wanted (x32)
Nexuiz (x32)
Nexuiz Beta (x32)
Nexuiz STUPID Mode (x32)
Norton Internet Security (x32 Version: 20.4.0.40)
ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)
OpenAL (x32)
ORION: Dino Horde (x32)
partypoker (HKCU)
PartyPoker (x32)
PKR (x32)
Plex Media Server (x32 Version: 0.9.722)
Poker 770 (HKCU)
PokerStars.eu (x32)
PunkBuster Services (x32 Version: 0.993)
QuickTime (x32 Version: 7.74.80.86)
Rapture3D 2.4.11 Game (x32)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Samsung Kies (x32 Version: 2.5.3.13043_14)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Search-Gol Chrome Toolbar (x32)
searchgol toolbar  (x32 Version: 1.8.16.19)
Sid Meier's Civilization V (x32)
SiSoftware Sandra Lite 2013 (Version: 19.11.2013.1)
Skype™ 6.9 (x32 Version: 6.9.106)
Sleeping Dogs™ (x32)
Split/Second (x32 Version: 1.00.0000)
Spybot - Search & Destroy (x32 Version: 2.2.25)
Steam (x32 Version: 1.0.0.0)
Stronghold 2 Deluxe (x32 Version: 1.40.100)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
TeamViewer 8 (x32 Version: 8.0.22298)
Uplay (x32 Version: 2.0)
VLC media player 2.0.6 (Version: 2.0.6)
William Hill Poker (HKCU)
Winamp (x32 Version: 5.65 )
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
World of Warplanes (x32)
WPT Poker (x32)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001Core.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001UA.job => ?

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2013 10:25:16 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 25.0.1.5064 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 974

Startzeit: 01cef89837c0fd57

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: a0d0d74f-64a1-11e3-bec7-84a6c8363e58

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/09/2013 07:56:29 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (11/25/2013 04:49:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CamRecorder.exe, Version: 8.1.2.1344, Zeitstempel: 0x521468e9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001e12c
ID des fehlerhaften Prozesses: 0x1730
Startzeit der fehlerhaften Anwendung: 0xCamRecorder.exe0
Pfad der fehlerhaften Anwendung: CamRecorder.exe1
Pfad des fehlerhaften Moduls: CamRecorder.exe2
Berichtskennung: CamRecorder.exe3
Vollständiger Name des fehlerhaften Pakets: CamRecorder.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CamRecorder.exe5

Error: (11/25/2013 01:03:01 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (11/22/2013 05:30:15 PM) (Source: Application Hang) (User: )
Description: Programm spartan.exe, Version 4.0.0.6148 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e44

Startzeit: 01cee79fe7e12f65

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires Online\spartan.exe

Berichts-ID: 5acaa99e-5393-11e3-beb4-84a6c8363e58

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/16/2013 10:19:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CamRecorder.exe, Version: 8.1.2.1344, Zeitstempel: 0x521468e9
Name des fehlerhaften Moduls: mfc100u.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2e0e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00243466
ID des fehlerhaften Prozesses: 0x2084
Startzeit der fehlerhaften Anwendung: 0xCamRecorder.exe0
Pfad der fehlerhaften Anwendung: CamRecorder.exe1
Pfad des fehlerhaften Moduls: CamRecorder.exe2
Berichtskennung: CamRecorder.exe3
Vollständiger Name des fehlerhaften Pakets: CamRecorder.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CamRecorder.exe5

Error: (11/13/2013 02:04:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Kies.exe, Version: 1.0.0.1425, Zeitstempel: 0x5227081c
Name des fehlerhaften Moduls: PresentationFramework.ni.dll, Version: 4.0.30319.34003, Zeitstempel: 0x522edb47
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0032c6f7
ID des fehlerhaften Prozesses: 0x1974
Startzeit der fehlerhaften Anwendung: 0xKies.exe0
Pfad der fehlerhaften Anwendung: Kies.exe1
Pfad des fehlerhaften Moduls: Kies.exe2
Berichtskennung: Kies.exe3
Vollständiger Name des fehlerhaften Pakets: Kies.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Kies.exe5

Error: (11/13/2013 02:04:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Kies.exe, Version: 1.0.0.1425, Zeitstempel: 0x5227081c
Name des fehlerhaften Moduls: PresentationFramework.ni.dll, Version: 4.0.30319.34003, Zeitstempel: 0x522edb47
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0032c6f7
ID des fehlerhaften Prozesses: 0x1974
Startzeit der fehlerhaften Anwendung: 0xKies.exe0
Pfad der fehlerhaften Anwendung: Kies.exe1
Pfad des fehlerhaften Moduls: Kies.exe2
Berichtskennung: Kies.exe3
Vollständiger Name des fehlerhaften Pakets: Kies.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Kies.exe5

Error: (11/13/2013 02:04:51 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: Kies.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32)
  bei System.Windows.Window.ShowHelper(System.Object)
  bei System.Windows.Window.Show()
  bei Kies.App.StartKies()
  bei Kies.App.App_Startup2(System.Object, System.Windows.StartupEventArgs)
  bei System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
  bei Kies.App.OnStartup(System.Windows.StartupEventArgs)
  bei System.Windows.Application.<.ctor>b__1(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
  bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  bei System.Windows.Threading.DispatcherOperation.Invoke()
  bei System.Windows.Threading.Dispatcher.ProcessQueue()
  bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Threading.Dispatcher.Run()
  bei System.Windows.Application.RunDispatcher(System.Object)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run(System.Windows.Window)
  bei Kies.App.Main()

Error: (11/13/2013 01:35:53 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ef0

Startzeit: 01cedf93cd67e67c

Endzeit: 64

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 11a9b8fc-4c60-11e3-beae-902b34d018fc

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (12/14/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/14/2013 08:20:23 AM) (Source: DCOM) (User: Ferrari)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/14/2013 07:14:09 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/14/2013 00:04:46 AM) (Source: DCOM) (User: Ferrari)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/14/2013 00:04:46 AM) (Source: DCOM) (User: Ferrari)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/13/2013 00:57:02 PM) (Source: DCOM) (User: Ferrari)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/13/2013 00:08:12 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/12/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/12/2013 03:10:41 AM) (Source: DCOM) (User: Ferrari)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/12/2013 03:10:11 AM) (Source: DCOM) (User: Ferrari)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (12/14/2013 10:25:16 AM) (Source: Application Hang)(User: )
Description: firefox.exe25.0.1.506497401cef89837c0fd5731C:\Program Files (x86)\Mozilla Firefox\firefox.exea0d0d74f-64a1-11e3-bec7-84a6c8363e58

Error: (12/09/2013 07:56:29 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT)
Description: -2147024883

Error: (11/25/2013 04:49:06 PM) (Source: Application Error)(User: )
Description: CamRecorder.exe8.1.2.1344521468e9ntdll.dll6.3.9600.16408523d45fac00000050001e12c173001cee9d650bba329D:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamRecorder.exeC:\WINDOWS\SYSTEM32\ntdll.dll1d009f0e-55e9-11e3-beb7-84a6c8363e58

Error: (11/25/2013 01:03:01 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT)
Description: -2147024883

Error: (11/22/2013 05:30:15 PM) (Source: Application Hang)(User: )
Description: spartan.exe4.0.0.6148e4401cee79fe7e12f652C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires Online\spartan.exe5acaa99e-5393-11e3-beb4-84a6c8363e58

Error: (11/16/2013 10:19:46 PM) (Source: Application Error)(User: )
Description: CamRecorder.exe8.1.2.1344521468e9mfc100u.dll10.0.40219.3254df2e0e6c000000500243466208401cee301137c6a9aD:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamRecorder.exeC:\WINDOWS\SYSTEM32\mfc100u.dlld1391709-4f04-11e3-beaf-902b34d018fc

Error: (11/13/2013 02:04:53 PM) (Source: Application Error)(User: )
Description: Kies.exe1.0.0.14255227081cPresentationFramework.ni.dll4.0.30319.34003522edb47c000041d0032c6f7197401cee070e5a849e9C:\Program Files (x86)\Samsung\Kies\Kies.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d7d9b1f34822d7db7f240695660f04d1\PresentationFramework.ni.dll2f2c414f-4c64-11e3-beae-902b34d018fc

Error: (11/13/2013 02:04:51 PM) (Source: Application Error)(User: )
Description: Kies.exe1.0.0.14255227081cPresentationFramework.ni.dll4.0.30319.34003522edb47c00000050032c6f7197401cee070e5a849e9C:\Program Files (x86)\Samsung\Kies\Kies.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d7d9b1f34822d7db7f240695660f04d1\PresentationFramework.ni.dll2e479f4b-4c64-11e3-beae-902b34d018fc

Error: (11/13/2013 02:04:51 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: Kies.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32)
  bei System.Windows.Window.ShowHelper(System.Object)
  bei System.Windows.Window.Show()
  bei Kies.App.StartKies()
  bei Kies.App.App_Startup2(System.Object, System.Windows.StartupEventArgs)
  bei System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
  bei Kies.App.OnStartup(System.Windows.StartupEventArgs)
  bei System.Windows.Application.<.ctor>b__1(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
  bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  bei System.Windows.Threading.DispatcherOperation.Invoke()
  bei System.Windows.Threading.Dispatcher.ProcessQueue()
  bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
  bei System.Windows.Threading.Dispatcher.Run()
  bei System.Windows.Application.RunDispatcher(System.Object)
  bei System.Windows.Application.RunInternal(System.Windows.Window)
  bei System.Windows.Application.Run(System.Windows.Window)
  bei Kies.App.Main()

Error: (11/13/2013 01:35:53 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.5001ef001cedf93cd67e67c64C:\Program Files (x86)\Mozilla Firefox\firefox.exe11a9b8fc-4c60-11e3-beae-902b34d018fc


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 16339.53 MB
Available physical RAM: 12658.29 MB
Total Pagefile: 18771.53 MB
Available Pagefile: 15175.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.68 GB) (Free:19.17 GB) NTFS
Drive d: (DATENpool) (Fixed) (Total:1332.86 GB) (Free:967.3 GB) NTFS
Drive i: (D A T E N P O O L ) (Fixed) (Total:1863.01 GB) (Free:1359.77 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
nun noch die defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:57 on 14/12/2013 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
der Rest also in der nächsten Antwort

19mario76 14.12.2013 23:03
dann folgte erneut die FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by Mario (ATTENTION: The logged in user is not administrator) on FERRARI on 14-12-2013 18:02:13
Running from C:\Users\Mario\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(ICQ) C:\Users\Mario\AppData\Roaming\ICQM\icq.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\RunOnce: [LaunchWebURL] - C:\ProgramData\LaunchURL.bat [142 2013-10-27] ()
HKLM\...\RunOnce: [BrowserChoice] - C:\WINDOWS\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKCU\...\Run: [Plex Media Server] - D:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4014760 2013-04-03] (Plex, Inc.)
HKCU\...\Run: [icq] - C:\Users\Mario\AppData\Roaming\ICQM\icq.exe [28698984 2013-10-11] (ICQ)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-11-30] (Bitleader)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AllShare Control] - D:\Program Files (x86)\Samsung\AllShare Control\AllShare Control
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1395F067C5F7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=1EC484A6C8363E55&affID=121565&tt=160913_c1&tsp=5013
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: about:home
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - d:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\ich@maltegoetz.de
FF Extension: Flagfox - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: artur.dubovoy - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\artur.dubovoy@gmail.com.xpi
FF Extension: elemhidehelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: jid1-cwbvBTE216jjpg - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\fkb061pr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] ()
R2 SDScannerService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; d:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-27] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131213.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131213.018\ENG64.SYS [126040 2013-12-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131213.018\EX64.SYS [2099288 2013-12-11] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-14 18:02 - 2013-12-14 18:02 - 00017490 _____ C:\Users\Mario\Downloads\FRST.txt
2013-12-14 17:57 - 2013-12-14 17:57 - 00000472 _____ C:\Users\Mario\Downloads\defogger_disable.log
2013-12-14 17:57 - 2013-12-14 17:57 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-12-14 17:54 - 2013-12-14 17:54 - 00050477 _____ C:\Users\Mario\Downloads\Defogger.exe
2013-12-14 14:17 - 2013-12-14 17:59 - 00000000 ____D C:\Users\Mario\Downloads\FRST-OlderVersion
2013-12-14 11:19 - 2013-12-14 17:59 - 00000000 ____D C:\FRST
2013-12-14 11:19 - 2013-12-14 11:19 - 00049391 _____ C:\Users\Mario\Downloads\ALT_FRST.txt
2013-12-14 11:19 - 2013-12-14 11:19 - 00025952 _____ C:\Users\Mario\Downloads\ALT_Addition.txt
2013-12-14 11:16 - 2013-12-14 17:59 - 01927796 _____ (Farbar) C:\Users\Mario\Downloads\FRST64.exe
2013-12-14 10:45 - 2013-12-14 10:46 - 00000000 ____D C:\Users\Mario\Desktop\Maleware - Toolbar Montera
2013-12-14 07:16 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 07:16 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-14 07:16 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-14 07:16 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-14 07:16 - 2013-11-11 03:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-14 07:16 - 2013-11-09 12:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-14 07:16 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-14 07:16 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-14 07:16 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-14 07:16 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-14 07:16 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-14 07:16 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-14 07:16 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-14 07:16 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-14 07:16 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-14 07:16 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-14 07:16 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-14 07:16 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-14 07:16 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-14 07:16 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-14 07:16 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-14 07:16 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-14 07:16 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-14 07:16 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-14 07:16 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-14 07:16 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-14 07:16 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-14 07:16 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-14 07:16 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-14 07:16 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-14 07:16 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-14 07:16 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-14 07:16 - 2013-10-31 01:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-14 07:16 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-14 07:16 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-14 07:16 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-14 07:16 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-14 07:16 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-14 07:16 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-14 07:16 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-14 07:16 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-14 07:16 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-14 07:16 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-14 07:16 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-14 07:16 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-14 07:16 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-14 07:16 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-13 12:50 - 2013-12-13 12:52 - 00015346 _____ C:\Users\Mario\Documents\RA_Hermans_13.12.2012.odt
2013-12-13 05:55 - 2013-12-13 05:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-13 05:55 - 2013-12-13 05:55 - 00001133 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-13 05:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2013-12-13 05:53 - 2013-12-13 05:53 - 40658208 _____ (Safer-Networking Ltd.                                      ) C:\Users\Mario\Downloads\spybot-2.2.exe
2013-12-11 22:08 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 22:08 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 22:08 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 22:08 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 22:08 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 22:08 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 22:08 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 22:08 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-11 22:08 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 22:08 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-11 22:08 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 22:08 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 22:08 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 22:08 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-11 22:08 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-11 22:08 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 22:08 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 22:08 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-11 22:08 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-11 22:08 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-11 22:08 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-11 22:08 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 22:08 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 22:08 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 22:08 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 22:07 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-11 22:07 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-11 22:07 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-11 22:07 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-06 18:00 - 2013-12-09 17:35 - 00000000 ____D C:\Users\Mario\dwhelper
2013-12-02 23:56 - 2013-12-02 23:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-28 14:41 - 2013-11-28 14:50 - 00011204 _____ C:\Users\Mario\Documents\Wochenmenüplan.odt
2013-11-22 17:56 - 2013-11-22 17:57 - 00016829 _____ C:\WINDOWS\DirectX.log
2013-11-22 17:31 - 2013-11-22 17:31 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-22 17:30 - 2013-11-22 17:30 - 00000219 _____ C:\Users\Mario\Desktop\Dota 2.url
2013-11-18 20:26 - 2013-11-18 20:26 - 00000000 ____D C:\ProgramData\McAfee
2013-11-16 20:33 - 2013-11-16 20:33 - 00000000 ____D C:\Users\Mario\AppData\Local\TechSmith
2013-11-16 20:27 - 2013-11-25 13:13 - 00006656 _____ C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-16 20:14 - 2013-11-25 13:24 - 00000000 ____D C:\Users\Mario\Documents\Camtasia Studio
2013-11-16 20:14 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\AppData\Roaming\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000978 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-11-16 19:57 - 2013-11-16 19:58 - 251749736 _____ C:\Users\Mario\Downloads\camtasiade_8.1.2.exe
2013-11-15 21:23 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-15 21:23 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-15 21:23 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-15 21:23 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-15 21:22 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-15 21:22 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-15 21:22 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-15 21:22 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-15 21:22 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-15 21:22 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-15 21:22 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-15 21:22 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-15 21:22 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-15 21:22 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-15 21:22 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-15 21:22 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-15 21:22 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-15 21:22 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-15 21:22 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-15 21:22 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-15 21:22 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-15 21:22 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-15 21:22 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-15 21:22 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-15 21:22 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-15 21:22 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-15 21:22 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-15 21:22 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-15 21:22 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-15 21:22 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-15 21:22 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-15 21:22 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-15 21:22 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-15 21:22 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-15 21:22 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-15 21:22 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-15 21:22 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-15 21:22 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-15 21:22 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-15 21:22 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-15 21:22 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-15 21:22 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-15 21:22 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-15 21:22 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-15 21:22 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-15 21:22 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-15 21:22 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-15 21:22 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-15 21:22 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-15 21:22 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-15 21:22 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-15 21:22 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-15 21:22 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-15 21:22 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-15 21:22 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-15 21:22 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-15 21:22 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-15 21:22 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-15 21:22 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-15 21:22 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-15 21:22 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-15 21:22 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-15 21:22 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-15 21:22 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-15 21:22 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-15 21:22 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-15 21:22 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-15 21:22 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-15 21:22 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-15 21:22 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-15 21:22 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-15 21:22 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-15 21:22 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-15 21:22 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-15 21:22 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-15 21:22 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-15 21:22 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-15 21:22 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-15 21:22 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-15 21:22 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-15 21:22 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-15 21:22 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-15 21:22 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-15 21:22 - 2013-09-17 08:01 - 00270848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-11-15 21:22 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-15 21:22 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-15 21:22 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-15 21:22 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-15 21:22 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-15 21:22 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-15 21:22 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-15 21:22 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-15 21:22 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-15 21:22 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-15 21:22 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-15 21:22 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-15 21:22 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-15 21:22 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-15 21:22 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-15 21:22 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-15 21:22 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-15 21:22 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-15 21:22 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-15 21:22 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-15 21:22 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-15 21:22 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-15 21:22 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-15 21:22 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2013-12-14 18:02 - 2013-12-14 18:02 - 00017490 _____ C:\Users\Mario\Downloads\FRST.txt
2013-12-14 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-14 17:59 - 2013-12-14 14:17 - 00000000 ____D C:\Users\Mario\Downloads\FRST-OlderVersion
2013-12-14 17:59 - 2013-12-14 11:19 - 00000000 ____D C:\FRST
2013-12-14 17:59 - 2013-12-14 11:16 - 01927796 _____ (Farbar) C:\Users\Mario\Downloads\FRST64.exe
2013-12-14 17:57 - 2013-12-14 17:57 - 00000472 _____ C:\Users\Mario\Downloads\defogger_disable.log
2013-12-14 17:57 - 2013-12-14 17:57 - 00000000 _____ C:\Users\Admin\defogger_reenable
2013-12-14 17:57 - 2013-10-24 22:22 - 00000000 ____D C:\Users\Admin
2013-12-14 17:54 - 2013-12-14 17:54 - 00050477 _____ C:\Users\Mario\Downloads\Defogger.exe
2013-12-14 17:50 - 2013-10-27 16:35 - 02019372 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-14 17:42 - 2013-09-30 05:14 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-14 17:42 - 2013-09-30 04:56 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-14 17:42 - 2013-09-30 04:56 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-14 17:40 - 2013-02-19 19:23 - 00042335 _____ C:\WINDOWS\system32\lvcoinst.log
2013-12-14 17:38 - 2013-06-03 00:04 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-14 17:38 - 2012-11-29 19:49 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001UA.job
2013-12-14 17:37 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-14 14:18 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-14 14:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-14 14:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-14 14:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-14 14:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-14 13:34 - 2013-03-05 05:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-14 11:19 - 2013-12-14 11:19 - 00049391 _____ C:\Users\Mario\Downloads\ALT_FRST.txt
2013-12-14 11:19 - 2013-12-14 11:19 - 00025952 _____ C:\Users\Mario\Downloads\ALT_Addition.txt
2013-12-14 10:46 - 2013-12-14 10:45 - 00000000 ____D C:\Users\Mario\Desktop\Maleware - Toolbar Montera
2013-12-14 09:34 - 2012-12-06 23:53 - 00336896 ___SH C:\Users\Mario\Downloads\Thumbs.db
2013-12-14 08:20 - 2013-09-02 13:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 08:20 - 2012-12-23 12:05 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 20:00 - 2013-06-03 09:18 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2013-12-13 19:38 - 2012-11-29 19:49 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1350587004-1826613761-2893582637-1001Core.job
2013-12-13 12:52 - 2013-12-13 12:50 - 00015346 _____ C:\Users\Mario\Documents\RA_Hermans_13.12.2012.odt
2013-12-13 12:02 - 2013-08-22 15:44 - 00388256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 05:58 - 2013-12-13 05:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-13 05:55 - 2013-12-13 05:55 - 00001133 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-13 05:55 - 2012-12-02 17:13 - 00026112 ___SH C:\Users\Mario\Desktop\Thumbs.db
2013-12-13 05:53 - 2013-12-13 05:53 - 40658208 _____ (Safer-Networking Ltd.                                      ) C:\Users\Mario\Downloads\spybot-2.2.exe
2013-12-13 00:00 - 2012-12-01 19:29 - 00000000 ____D C:\Users\Mario\AppData\Local\PokerStars.EU
2013-12-12 09:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-12 03:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-11 13:06 - 2013-10-29 11:44 - 00005794 _____ C:\WINDOWS\PFRO.log
2013-12-09 20:04 - 2012-11-29 20:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-09 17:35 - 2013-12-06 18:00 - 00000000 ____D C:\Users\Mario\dwhelper
2013-12-08 18:06 - 2013-10-28 17:39 - 00006154 _____ C:\WINDOWS\setupact.log
2013-12-06 18:00 - 2013-10-24 22:22 - 00000000 ____D C:\Users\Mario
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 11:18 - 2012-12-01 12:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 23:56 - 2013-12-02 23:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 23:01 - 2013-02-19 19:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Skype
2013-12-02 17:51 - 2012-11-30 17:32 - 00000000 ____D C:\Users\Mario\AppData\Local\Packages
2013-11-28 14:50 - 2013-11-28 14:41 - 00011204 _____ C:\Users\Mario\Documents\Wochenmenüplan.odt
2013-11-26 12:54 - 2013-12-11 22:08 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-11 22:08 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-11 22:08 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-11 22:08 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 22:08 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-11 22:08 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-11 22:08 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 22:08 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 22:08 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 22:08 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 22:08 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 22:08 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 22:08 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 22:08 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 22:08 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 22:08 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 22:08 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 16:49 - 2013-02-20 00:37 - 00000000 ____D C:\Users\Mario\Documents\Youcam
2013-11-25 13:24 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\Documents\Camtasia Studio
2013-11-25 13:13 - 2013-11-16 20:27 - 00006656 _____ C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-25 13:04 - 2013-02-19 19:23 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-23 19:25 - 2012-11-30 00:19 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 05:34 - 2013-12-11 22:08 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-23 05:13 - 2013-12-11 22:08 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-11-23 04:32 - 2013-12-11 22:08 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-23 04:10 - 2013-12-11 22:08 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-11-22 17:57 - 2013-11-22 17:56 - 00016829 _____ C:\WINDOWS\DirectX.log
2013-11-22 17:31 - 2013-11-22 17:31 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-22 17:31 - 2013-11-22 17:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-22 17:31 - 2013-11-22 17:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-22 17:30 - 2013-11-22 17:30 - 00000219 _____ C:\Users\Mario\Desktop\Dota 2.url
2013-11-22 17:30 - 2012-12-04 18:16 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-18 20:26 - 2013-11-18 20:26 - 00000000 ____D C:\ProgramData\McAfee
2013-11-18 20:04 - 2012-11-30 17:32 - 00000000 ___RD C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-18 20:04 - 2012-11-30 17:32 - 00000000 ___RD C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-18 14:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-16 20:33 - 2013-11-16 20:33 - 00000000 ____D C:\Users\Mario\AppData\Local\TechSmith
2013-11-16 20:14 - 2013-11-16 20:14 - 00000000 ____D C:\Users\Mario\AppData\Roaming\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000978 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\TechSmith
2013-11-16 20:00 - 2013-11-16 20:00 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-11-16 19:58 - 2013-11-16 19:57 - 251749736 _____ C:\Users\Mario\Downloads\camtasiade_8.1.2.exe

Files to move or delete:
====================
C:\ProgramData\LaunchURL.bat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---


sowie die gmer.txt
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-14 19:01:53
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000031 INTEL_SSDSC2CT180A3 rev.300i 167,68GB
Running: tbuoq1m2.exe; Driver: C:\Users\Admin\AppData\Local\Temp\ufldypob.sys


---- User code sections - GMER 2.1 ----

.text  C:\WINDOWS\system32\atiesrxx.exe[108] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atiesrxx.exe[108] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atiesrxx.exe[108] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                    00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atiesrxx.exe[108] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                    00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\WLANExt.exe[1336] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\WLANExt.exe[1336] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\WLANExt.exe[1336] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                    00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\WLANExt.exe[1336] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                    00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                      00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                      00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                        00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                        00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                            00007ffd60071f6a 4 bytes [07, 60, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1788] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                            00007ffd60071f82 4 bytes [07, 60, FD, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2040] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                  00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2040] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                  00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2040] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                    00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[2040] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                    00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2516] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                          00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2516] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                          00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2516] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                              00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2516] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                              00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\wbem\wmiprvse.exe[2832] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                          00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\wbem\wmiprvse.exe[2832] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                          00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\wbem\wmiprvse.exe[2832] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                              00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\wbem\wmiprvse.exe[2832] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                              00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atieclxx.exe[6836] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atieclxx.exe[6836] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atieclxx.exe[6836] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                  00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\system32\atieclxx.exe[6836] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                  00007ffd68191832 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\Explorer.EXE[2676] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                        00007ffd6819169a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\Explorer.EXE[2676] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                        00007ffd681916a2 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\Explorer.EXE[2676] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                            00007ffd6819181a 4 bytes [19, 68, FD, 7F]
.text  C:\WINDOWS\Explorer.EXE[2676] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                            00007ffd68191832 4 bytes [19, 68, FD, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2008]                                                                                                                    00000000001e1c24
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2172]                                                                                                                    0000000070f60eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2176]                                                                                                                    0000000070f60eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2180]                                                                                                                    0000000070f60eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2248]                                                                                                                    0000000070de319b
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2252]                                                                                                                    00000000709e8d99
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2260]                                                                                                                    0000000070964b0d
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2004:2948]                                                                                                                    00000000695e1892
Thread  C:\WINDOWS\system32\csrss.exe [6168:5420]                                                                                                                    fffff960008564d0
Thread  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [896:6100]                                                                                  00007ffd5cf7c680
Thread  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [6980:4864]                                                                                  00007ffd5cf7c680
Thread  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe [6972:5572]                                00007ffd6907d304
Thread  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe [6972:4944]                                00007ffd60e980ac
Thread  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe [6972:5472]                                00007ffd67f01b54

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM581516843009_01_07DB_17^171DFDE8E2CFAC2C1F227EC7182C1108@Timestamp                    0x1C 0xAC 0xBF 0xC6 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5D968371-D15C-49D5-82E2-B464D7CC2661}\Connection@Name                  isatap.{28991C99-EB78-4333-B9F7-D0C2FF0DBB74}
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                            -1719546320
Reg    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId                                                                                        1
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\84a6c8363e58                                                                                 
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings                                                                                   
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{5D968371-D15C-49D5-82E2-B464D7CC2661}@InterfaceName                                      isatap.{28991C99-EB78-4333-B9F7-D0C2FF0DBB74}
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{5D968371-D15C-49D5-82E2-B464D7CC2661}@ReusableType                                        0
Reg    HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{5D968371-D15C-49D5-82E2-B464D7CC2661}@DefunctTimestamp                                    0x8B 0x92 0xAC 0x52 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                              3150
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                            281
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{69BBA7BF-2607-4060-95F8-55F8FE185CCA}                          v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{1B445098-7075-46A1-942B-B6070CF51B95}                          v2.20|Action=Allow|Active=TRUE|Dir=Out|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{56E702E2-9D83-4A6B-939F-089E3E6E0328}  v2.20|Action=Block|Active=TRUE|Dir=In|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{48B5D310-BC96-4CE3-8419-C90384D383AF}  v2.20|Action=Block|Active=TRUE|Dir=Out|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{28A2FB6B-6A30-4AB1-985C-EDE7864D00F5}  v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|RA42=IntrAnet|RA62=IntrAnet|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-3)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{1D30F0E7-DFA4-40A7-AD5D-D6DFFF8E3492}  v2.20|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|RA42=IntrAnet|RA62=IntrAnet|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-3)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{8FDABA48-B13E-42BF-83DB-0337FB388785}  v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Private|Profile=Public|RA42=RmtIntrAnet|RA62=RmtIntrAnet|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-3)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Security=Authenticate|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{59EAA4DA-5438-44E4-851C-D5C8E0A5FC13}  v2.20|Action=Allow|Active=TRUE|Dir=Out|Profile=Private|Profile=Public|RA42=RmtIntrAnet|RA62=RmtIntrAnet|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-3)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Security=Authenticate|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System@{4208F3FA-B65E-479C-923A-B87AC6FE5E85}  v2.20|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|RA42=IntErnet|RA62=IntErnet|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-1)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1350587004-1826613761-2893582637-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SRTSP@Start                                                                                                          1
Reg    HKLM\SYSTEM\CurrentControlSet\Services\SRTSP                                                                                                               
Reg    HKLM\SYSTEM\CurrentControlSet\Services\WpdUpFltr\Parameters\Wdf@TimeOfLastSqmLog                                                                            0x1E 0xA6 0x5D 0xC7 ...
Reg    HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                                          0x64 0x62 0x03 0x00 ...
Reg    HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                                      0x64 0x62 0x03 0x00 ...

---- EOF - GMER 2.1 ----
das ist dann das letzte was ich gemacht hatte .

schrauber 15.12.2013 08:17
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

19mario76 15.12.2013 10:48
Zitat:
Zitat von 19mario76 (Beitrag 1213224)
Habe mich bemüht alle Board Regeln zu beachten aber nun wohl einen zweiten Beitrag
erstellt sorry vielmals dafür ich ich hoffe ich bekomme noch Hilfe.

hier der erste....
http://www.trojaner-board.de/146065-...entfernen.html

Hier sind jedenfalls nun alle geforderten log Files enthalten

lg
mario
Da du mir je im ersten Beitrag bereits sehr klasse weiter hilfst, kann dieser hier BEENDET werden!

Vielleicht ja auch ganz löschen, weiss nicht wie Ihr das handhaben wollt.

Danke für dir tolle Hilfe :daumenhoc

schrauber 15.12.2013 19:28
ok, dann schubs ich den in die Tonne :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131