Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. (https://www.trojaner-board.de/137420-c-progra-3-browse-1-261339-1-144-c16c1-1-brose-1-dll-entweder-ausfuehrung-windows-vorgesehen.html)

schrauber 03.07.2013 13:52
Noch Probleme?

Fränky 03.07.2013 16:21
Ja ist immer noch da. Habe auch Neustart gemacht.
Kommt immer noch. :wtf:

schrauber 03.07.2013 18:15
Poste bitte ein frisches FRST log mit additonal.

Fränky 03.07.2013 18:34
Okidoki..
hier noch ne FRST


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by *** (administrator) on 03-07-2013 19:19:35
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\GUI\GDSC.exe
(G Data Software AG) C:\program files (x86)\g data\antivirus\avk\avk.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVK.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe CS3\Adobe Photoshop CS3\Photoshop.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(brother) C:\Program Files (x86)\Brownie\brstsw64.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Nikolaus Brennig) C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 5\apc.exe
(Farbar) c:\Users\***\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32:  [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: Deutsches Wörterbuch, klassisch und reformiert - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\alterechtschreibung@gmail.com
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: ColorZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Open With Photoshop - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}
FF Extension: jid1-u9RbFp9JcoEGGw - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi
FF Extension: newtaburl - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{8B8A525A-CFCA-44cf-81C3-3969E6CB96E0}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-07-03] (G Data Software)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-07-03] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-03 14:17 - 2013-07-03 14:17 - 00107128 ____A (G Data Software) C:\Windows\System32\Drivers\GRD.sys
2013-07-03 14:17 - 2013-07-03 14:17 - 00016944 ____A (G Data Software) C:\Windows\System32\Drivers\GdPhyMem.sys
2013-07-03 14:13 - 2013-07-03 14:13 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:29 - 2013-07-02 11:48 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-29 21:24 - 2013-06-30 12:36 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:14 - 2013-06-29 21:15 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:14 - 2013-06-29 21:15 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:10 - 2013-06-29 21:11 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\******\Downloads\adwcleaner.exe
2013-06-29 20:14 - 2013-07-03 10:51 - 00028921 ____A C:\Users\*********\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-07-03 11:59 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-07-03 19:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-03 18:19 - 2011-01-20 20:16 - 00000336 ____A C:\Windows\Brownie.ini
2013-07-03 18:12 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:12 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 14:17 - 2013-07-03 14:17 - 00107128 ____A (G Data Software) C:\Windows\System32\Drivers\GRD.sys
2013-07-03 14:17 - 2013-07-03 14:17 - 00016944 ____A (G Data Software) C:\Windows\System32\Drivers\GdPhyMem.sys
2013-07-03 14:17 - 2008-01-21 03:53 - 01999446 ____A C:\Windows\WindowsUpdate.log
2013-07-03 14:13 - 2013-07-03 14:13 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-07-03 14:13 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-07-03 14:13 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-03 14:12 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 14:11 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-03 11:59 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-07-03 11:37 - 2009-01-30 14:36 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2013-07-03 10:51 - 2013-06-29 20:14 - 00028921 ____A C:\Users\***\Downloads\Addition.txt
2013-07-02 13:01 - 2010-09-29 21:39 - 00000000 ____D C:\Users\***\Documents\4A Games
2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:54 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-02 12:40 - 2012-02-21 11:12 - 00356856 ____A C:\Windows\PFRO.log
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:27 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 12:27 - 2009-01-30 14:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-02 12:25 - 2009-09-04 23:05 - 00000000 ____D C:\Users\***\AppData\Roaming\HLSW
2013-07-02 12:18 - 2009-02-01 20:52 - 00000000 ____D C:\Users\***\Documents\My Games
2013-07-02 12:16 - 2009-01-30 16:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:48 - 2013-07-02 12:29 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 17:02 - 2008-01-21 12:47 - 01445546 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 17:02 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-07-01 17:02 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-30 12:36 - 2013-06-29 21:24 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:15 - 2013-06-29 21:14 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:15 - 2013-06-29 21:14 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:11 - 2013-06-29 21:10 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 14:28

==================== End Of Log ============================
--- --- ---

--- --- ---


und ne Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2013 03
Ran by *** at 2013-07-03 19:20:43
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Photoshop CS3 (x32 Version: 10.0)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Setup (x32 Version: 1.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
aquasuite (x32)
ArcSoft Portrait+ (x32 Version: 2.0.0.221)
ArcSoft Scan-n-Stitch Deluxe (x32 Version: 1.1.2.27)
Ashampoo Photo Commander 5 FREE (x32 Version: 5.4.1)
Avidemux 2.5 (32-bit) (x32 Version: 2.5.6.7716)
AVS Document Converter 2.0.1 (x32)
AVS Update Manager 1.0 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Biet-O-Matic v2.10.1 (x32 Version: Biet-O-Matic v2.10.1)
Bonjour (Version: 3.0.0.10)
Brother HL-2035 (x32 Version: 1.00)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0)
Call of Duty(R) - World at War(TM) (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Canon Utilities Digital Photo Professional 3.6 (x32 Version: 3.6.0.0)
Canon Utilities EOS Utility (x32 Version: 2.6.0.0)
Canon Utilities WFT-E1/E2/E3/E4 Utility (x32 Version: 3.3.0.0)
CCleaner (Version: 4.02)
CDBurnerXP (x32 Version: 4.2.3.1110)
CDex extraction audio (x32)
ConvertHelper 2.2 (x32)
Creative 3DMIDI Player (x32 Version: 1.11)
Creative ALchemy (x32 Version: 1.41)
Creative Audio-Systemsteuerung (x32 Version: 3.00)
Creative Konsole Starter (x32 Version: 2.61)
Creative Media Toolbox 6 (Shared Components) (x32 Version: 2.80.12)
Creative Media Toolbox 6 (x32 Version: 6.00)
Creative MediaSource 5 (x32 Version: 5.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02)
Creative Systeminformationen (x32)
Creative WaveStudio 7 (x32 Version: 7.12)
Creative-Audiokonsole (x32)
Creative-Diagnose (x32 Version: 5.11)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.2.0)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (Version: 10.5.0.0)
Day of Defeat: Source (x32)
DeskScapes (x32)
DHTML Editing Component (x32 Version: 6.02.0001)
Dolby Digital Live Pack (x32 Version: 3.00)
DriverAgent by TouchStone Software (x32)
Dropbox (HKCU Version: 1.4.7)
EAX4 Unified Redist (x32 Version: 4.001)
Epson Copy Utility 3.5 (x32 Version: 3.5.0.0)
Epson Event Manager (x32 Version: 2.40.0002)
EPSON Perfection V33/V330 Handbuch (x32)
EPSON Scan (x32)
ESET Online Scanner v3 (x32)
ESL Wire 1.0.1
Fallout 3 (HKCU Version: 1.00.0000)
FastFontPreview v3.0.2 FREEWARE (x32)
FileZilla Client 3.7.0.2 (HKCU Version: 3.7.0.2)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b)
Free Audio CD Burner version 1.2 (x32)
Free FLV Converter V 6.7.6 (x32 Version: 6.7.6.0)
Free Mp3 Wma Converter V 1.81 (x32)
Free Video to MP3 Converter version 3.2 (x32)
Free YouTube to MP3 Converter version 3.3 (x32)
G Data AntiVirus 2014 (x32 Version: 24.0.2.4)
Garmin Lifetime Updater (x32 Version: 2.1.7)
Garmin POI Loader (x32 Version: 2.5.4.0)
Garmin USB Drivers (x32 Version: 2.3.0.0)
Garmin WebUpdater (x32 Version: 2.4.2)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.145)
Half-Life(R) 2 (x32 Version: 1.0.0.0)
ICQ6.5 (x32 Version: 6.5)
iTunes (Version: 10.6.3.25)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Killing Floor (x32)
K-Lite Codec Pack (64-bit) v2.6.0 (Version: 2.6.0)
K-Lite Codec Pack 4.5.3 (Full) (x32 Version: 4.5.3)
Lautstärkefenster (x32)
Lidl-Fotos (x32)
Logitech GamePanel Software 3.01 (Version: 3.01.180)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
Logitech SetPoint 5.20 (Version: 5.20)
Macromedia Dreamweaver MX (x32 Version: 6.0)
Macromedia Extension Manager (x32 Version: 1.5)
Macromedia Fireworks MX (x32 Version: 6)
Macromedia Flash MX (x32 Version: 6)
Macromedia FreeHand 10 (x32 Version: 10)
Media Go (x32 Version: 1.1.245)
Metro 2033 (x32)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Silverlight (x32 Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mindjet MindManager 2012 (x32 Version: 10.1.459)
Movavi Video Converter 8 (x32 Version: 8.02.002)
MozBackup 1.4.10 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
Mp3tag v2.46a (x32 Version: v2.46a)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
neroxml (x32 Version: 1.0.0)
Nitro Reader 2 (Version: 2.3.1.2)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA PhysX (x32 Version: 9.10.0222)
OpenAL (x32)
PDF Settings (x32 Version: 1.0)
PDF To Excel Converter V2.0 (x32)
PDFCreator (x32 Version: 1.2.3)
pdfforge Toolbar v6.7 (x32 Version: 6.7)
pdfsam (x32 Version: 2.2.0)
PDF-XChange 3
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
PhotoScape (x32)
PlayStation(R)Network Downloader (x32 Version: 1.02.00005)
PlayStation(R)Store (x32 Version: 2.0.8.03595)
PowerPDF Professional (x32 Version: 2.0)
PunkBuster Services (x32 Version: 0.988)
PVSonyDll (Version: 1.00.0001)
QNAP QGet (x32)
QuickPar 0.9 (x32 Version: 0.9)
QuickTime (x32 Version: 7.74.80.86)
ratDVD 0.78.1444 (x32 Version: 0.78.1444)
Remote Control USB Driver (x32 Version: 2.3.2.317)
Reservierungsplaner - Zimmerplan - Software-Pitzer (x32 Version: 13.0)
Reservierungsplaner - Zimmerplan (x32 Version: 5.3)
ResiGo (x32 Version: 1.0.0)
ResiGo9 (x32 Version: 1.0.0)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Skype™ 4.0 (x32 Version: 4.0.227)
SmartPCFixer 4.2 (Version: 4.2)
Sony Ericsson Update Engine (x32 Version: 2.12.4.17)
Sony PC Companion 2.10.030 (x32 Version: 2.10.030)
Sound Blaster X-Fi (x32 Version: 1.0)
SoundFont-Bank-Manager (x32)
Steam(TM) (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client
Tom Clancy's Splinter Cell Double Agent (x32 Version: 1.00.0000)
Ulead GIF Animator 5 Test (x32)
Ulead PhotoImpact X3 (x32 Version: 13.0)
Ultimate Extras sounds from Microsoft® Tinker™
Uninstall 1.0.0.1 (x32)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition (x32)
UseNeXT by Tangysoft (x32)
VCRedistSetup (x32 Version: 1.0.0)
Video mp3 Extractor (x32)
VLC media player 1.0.5 (x32 Version: 1.0.5)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Soundschemas
WinRAR archiver (x32)
Yahoo! Detect (x32)
Yahoo! Messenger (x32)

==================== Restore Points  =========================

28-06-2013 11:04:49 Installed QuickTime
29-06-2013 15:08:49 Windows Update
01-07-2013 13:54:37 Geplanter Prüfpunkt
02-07-2013 10:05:54 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
02-07-2013 10:07:37 Revo Uninstaller's restore point - Artisteer 2
02-07-2013 10:14:19 Revo Uninstaller's restore point - Hamster Free Video Converter
02-07-2013 10:16:11 Revo Uninstaller's restore point - shopping-preise.de AddOn Firefox
02-07-2013 10:17:41 Revo Uninstaller's restore point - Geländewagen-Simulator 2012 (Nur entfernen)
02-07-2013 10:20:32 Revo Uninstaller's restore point - Mozilla Firefox 22.0 (x86 de)
02-07-2013 10:24:55 Revo Uninstaller's restore point - HLSW v1.3.2.1
02-07-2013 10:47:41 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
02-07-2013 10:49:21 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
03-07-2013 11:24:17 Geplanter Prüfpunkt

==================== Scheduled Tasks (whitelisted) =============

Task: {290E8249-D46A-4FD1-969B-5109B3DCF174} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {2B4C1AF3-07D4-4D5B-8CD2-BF3EFBEB68C8} - System32\Tasks\EPUpdater => C:\Users\HEADCR~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {40AE2EA0-9E89-4FF2-864C-5D7A8C0E6C6A} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {510B5DC2-9013-472B-B53D-A6AAE2C2E41C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {6AAE2CB8-ADE3-46A7-A51C-9BDD32AB85A6} - System32\Tasks\User_Feed_Synchronization-{3AFECE7E-8FEF-4C63-8A7B-DEE9D0BA220E} => C:\Windows\system32\msfeedssync.exe [2011-06-28] (Microsoft Corporation)
Task: {83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} - \AdobeFlashPlayerUpdate No Task File
Task: {8EF40D15-CC70-4694-A8AD-94602F760467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {AD8FBB56-ED6F-4BEE-81B8-2332DDDA12B5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {CF4DDEFE-9489-45BC-BF58-70F81D879D20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {D4D36076-5BB0-4BBF-8288-644882FB1F2B} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {F03BC038-D75D-4CC8-B47D-D13A9D17F294} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F105BE0E-AFED-46FA-B1A7-48EFDC4397E7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: ESLvnic Virtual Network 64 Bit
Description: ESLvnic Virtual Network 64 Bit
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Turtle Entertainment GmbH
Service: ESLvnic1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2013 07:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x147c, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 06:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x774, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 05:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1520, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 04:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1a88, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 03:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0xa30, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 02:18:12 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1718, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 02:13:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/03/2013 02:13:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 01:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x152c, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/03/2013 00:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1744, Anwendungsstartzeit FlashPlayerUpdateService.exe0.


System errors:
=============
Error: (07/03/2013 02:15:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/03/2013 10:40:24 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 00:42:22 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 00:40:08 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 02.07.2013 um 12:35:41 unerwartet heruntergefahren.

Error: (07/02/2013 11:17:04 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 10:39:55 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/01/2013 06:03:48 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/01/2013 06:00:44 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 01.07.2013 um 17:57:52 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-07-03 19:20:20.405
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:20.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:20.033
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:19.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:19.652
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:19.465
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:19.275
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:20:19.064
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:19:57.187
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 19:19:57.018
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 75%
Total physical RAM: 4093.64 MB
Available physical RAM: 997.84 MB
Total Pagefile: 8364.54 MB
Available Pagefile: 3679.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Vista System C) (Fixed) (Total:293.94 GB) (Free:115.19 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Games) (Fixed) (Total:404.69 GB) (Free:263.82 GB) NTFS (Disk=0 Partition=2)
Drive e: (LEXAR) (Removable) (Total:7.45 GB) (Free:1.49 GB) FAT32 (Disk=4 Partition=1)
Drive f: (Osterbach) (Fixed) (Total:149.05 GB) (Free:123.53 GB) NTFS (Disk=3 Partition=1)
Drive h: (DINGSDA) (Fixed) (Total:465.65 GB) (Free:176.34 GB) FAT32 (Disk=1 Partition=1)
Drive i: (SCHWERLAST) (Removable) (Total:29.8 GB) (Free:12.83 GB) FAT32 (Disk=5 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: A5751F76)
Partition 1: (Active) - (Size=294 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=405 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: A9822CC5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 149 GB) (Disk ID: 21C9D2B0)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

========================================================
Disk: 5 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

==================== End Of Log ============================
hab gesehen immer noch die Fehlerhafte Anwendung FlashPlayerUpdateService.exe
schon sehr komisch :wtf:

schrauber 03.07.2013 18:42
Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
Task: {83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} - \AdobeFlashPlayerUpdate No Task File
Task: {A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {D4D36076-5BB0-4BBF-8288-644882FB1F2B} - \AdobeFlashPlayerUpdate 2 No Task File
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Fränky 03.07.2013 20:04
So hier nun der Fixlog

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-06-2013 03
Ran by *** at 2013-07-03 20:12:11 Run:2
Running from C:\Users\***\Downloads
Boot Mode: Normal
==============================================

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} => Key deleted successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D4D36076-5BB0-4BBF-8288-644882FB1F2B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4D36076-5BB0-4BBF-8288-644882FB1F2B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.

==== End of Fixlog ====

Wie es nun aus sieht ist noch keine neue Meldung gekommen von Adobe.
Habe auch einen Neustart gemacht..immer noch nix da.. :applaus:

LG
Fränky

schrauber 03.07.2013 20:43
Dann räumen wir mal auf :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Fränky 04.07.2013 15:46
Hallo Schrauber, vielen Dank für Deine umfangreiche Hilfe. :dankeschoen:
Für mich ist es nicht selbstverständlich was ihr hier an Hilfe anbietet.

Ich habe eben 10 € gespendet, sicherlich reicht es nicht aus für die umfassende Hilfe, jedoch ein kleiner Beitrag um meinen Dank auszudrücken. Wenn ich momentan mehr geben könnte..würde ich nicht zögern!

Deine Ratschläge werde ich beachten und hoffe Trojanerfrei zu bleiben..ging ja bis Dato auch :)

Dir und eurem TEAM nur das Beste..:daumenhoc

LG Fränky..bei dem wieder alles supi funktioniert :crazy:

schrauber 04.07.2013 19:43
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:18 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131