Indexation | 01.07.2013 19:51 | But it is in the attachment ?????
But happy to post it this way too:
First the Addition log. Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2013 02
Ran by admin at 2013-07-01 20:10:01
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (x32 Version: 15.4.5722.2)
???? ??? Windows Live (x32 Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (x32 Version: 15.4.5722.2)
???? Windows Live (x32 Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (x32 Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (x32 Version: 15.4.5722.2)
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922)
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) (x32 Version: 15.4.5722.2)
?????????? Windows Live (x32 Version: 15.4.3502.0922)
??????????? ?? Windows Live (x32 Version: 15.4.3502.0922)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1395.4512)
Acrobat.com (x32 Version: 1.6.65)
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? (x32 Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2)
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Community Help (x32 Version: 3.2.1)
Adobe Community Help (x32 Version: 3.2.1.650)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Premiere Elements 9 (x32 Version: 9.0)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (x32 Version: 3.1.1.12)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.28.291)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
ATI Catalyst Install Manager (Version: 3.0.808.0)
Audacity 2.0.2 (x32 Version: 2.0.2)
Backup Manager V3 (x32 Version: 3.0.0.90)
BearShare (x32 Version: 9.0.0.88083)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Camera RAW Plug-In for EPSON Creativity Suite (x32 Version: 2.3.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2011.0331.249.3126)
Catalyst Control Center Localization All (x32 Version: 2011.0331.249.3126)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0331.249.3126)
CCC Help Chinese Standard (x32 Version: 2011.0331.0248.3126)
CCC Help Chinese Traditional (x32 Version: 2011.0331.0248.3126)
CCC Help Czech (x32 Version: 2011.0331.0248.3126)
CCC Help Danish (x32 Version: 2011.0331.0248.3126)
CCC Help Dutch (x32 Version: 2011.0331.0248.3126)
CCC Help English (x32 Version: 2011.0331.0248.3126)
CCC Help Finnish (x32 Version: 2011.0331.0248.3126)
CCC Help French (x32 Version: 2011.0331.0248.3126)
CCC Help German (x32 Version: 2011.0331.0248.3126)
CCC Help Greek (x32 Version: 2011.0331.0248.3126)
CCC Help Hungarian (x32 Version: 2011.0331.0248.3126)
CCC Help Italian (x32 Version: 2011.0331.0248.3126)
CCC Help Japanese (x32 Version: 2011.0331.0248.3126)
CCC Help Korean (x32 Version: 2011.0331.0248.3126)
CCC Help Norwegian (x32 Version: 2011.0331.0248.3126)
CCC Help Polish (x32 Version: 2011.0331.0248.3126)
CCC Help Portuguese (x32 Version: 2011.0331.0248.3126)
CCC Help Russian (x32 Version: 2011.0331.0248.3126)
CCC Help Spanish (x32 Version: 2011.0331.0248.3126)
CCC Help Swedish (x32 Version: 2011.0331.0248.3126)
CCC Help Thai (x32 Version: 2011.0331.0248.3126)
CCC Help Turkish (x32 Version: 2011.0331.0248.3126)
ccc-core-static (x32 Version: 2011.0331.249.3126)
ccc-utility64 (Version: 2011.0331.249.3126)
CDex - Open Source Digital Audio CD Extractor (x32 Version: 1.70.4.2009)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Configo (x32 Version: 2.1.7.0)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Control ActiveX del Windows Live Mesh per a connexions remotes (x32 Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink MediaEspresso (x32 Version: 6.0.1027_32100)
D3DX10 (x32 Version: 15.4.2368.0902)
Desktop Icon für Amazon (Version: 1.0.1 (de))
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
DivX-Setup (x32 Version: 2.6.1.9)
Elements 9 Organizer (x32 Version: 9.0)
Elements STI Installer (x32 Version: 1.0)
ElsterFormular (x32 Version: 14.0.0.10960)
EPSON Attach To Email (x32 Version: 1.01.0000)
EPSON Easy Photo Print (x32 Version: 1.5.1.0)
EPSON File Manager (x32 Version: 1.3.1.0)
EPSON Scan (x32)
EPSON Scan Assistant (x32 Version: 1.10.00)
EPSON Stylus SX200 Series Printer Uninstall
EPSON Stylus SX200_SX400_TX200_TX400 Handbuch (x32)
FATE (x32 Version: 2.2.0.95)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Foxit Reader (x32 Version: 5.4.5.124)
Free FLV Converter V 7.5.0 (x32 Version: 7.5.0.0)
Free YouTube Download version 3.2.1.320 (x32 Version: 3.2.1.320)
Freecom Hard Drive Formatter 1.41 (x32)
Freecom Product Update 1.06 (x32)
FreePDF (Remove only) (x32)
Freeware.de Toolbar (x32 Version: 6.8.2.0)
Freez FLV to MP3 Converter (x32 Version: 1.5)
FreeZip (x32)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 27.0.1453.116)
Google Earth (x32 Version: 7.0.3.8542)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.145)
GPL Ghostscript 8.64 (x32)
HomeMedia (x32 Version: 2.0.8520)
iCloud (Version: 2.1.1.3)
Identity Card (x32 Version: 1.00.3006)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 38 (x32 Version: 6.0.380)
JDownloader 0.9 (x32 Version: 0.9)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kontrola Windows Live Mesh ActiveX za daljinske veze (x32 Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Launch Manager (x32 Version: 5.1.4)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2000 Premium (x32 Version: 9.00.2816)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 10.0.2 (x86 de) (x32 Version: 10.0.2)
MSI to redistribute MS VS2005 CRT libraries (x32 Version: 8.0.50727.42)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Control Center 10 (x32 Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.0018)
Norton Internet Security (x32 Version: 18.7.2.3)
Norton Online Backup (x32 Version: 2.1.17869)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Orbit Downloader (x32)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení (x32 Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2)
Packard Bell Games (x32 Version: 1.0.2.4)
Packard Bell MyBackup (x32 Version: 3.0.0.90)
Packard Bell Power Management (x32 Version: 6.00.3006)
Packard Bell Recovery Management (x32 Version: 5.00.3002)
Packard Bell Registration (x32 Version: 1.03.3004)
Packard Bell ScreenSaver (x32 Version: 1.1.1025.2010)
Packard Bell Social Networks (x32 Version: 2.0.2211)
Packard Bell Updater (x32 Version: 1.02.3005)
PDF Settings CS6 (x32 Version: 11.0)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.95)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Profi cash (x32)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.73.80.64)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30123)
RedMon - Redirection Port Monitor
RewardsArcadeSuite (HKCU)
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922)
Secure Eraser v4.0 (x32)
Skype™ 5.10 (x32 Version: 5.10.116)
Slingo Deluxe (x32 Version: 2.2.0.95)
Softonic toolbar on IE and Chrome (x32)
Spybot - Search & Destroy (x32 Version: 1.6.2)
StarMoney (x32 Version: 2.0)
StarMoney (x32 Version: 3.0.5.8)
StarMoney 8.0 (x32 Version: 8.0)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
Torchlight (x32 Version: 2.2.0.95)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (x32 Version: 15.4.5722.2)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Video Web Camera (x32 Version: 1.0.1523)
VideoConverter (x32)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3102)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.3.57)
Windows Live ??? (x32 Version: 15.4.3502.0922)
Windows Live ???? (x32 Version: 15.4.3502.0922)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinX Free FLV to MP4 Converter 4.1.7 (x32)
WinZip 15.0 (x32 Version: 15.0.9411)
WiseConvert 1.3 Toolbar (x32 Version: 6.9.0.16)
Zuma Deluxe (x32 Version: 2.2.0.95)
==================== Restore Points =========================
23-06-2013 11:51:43 Windows Update
28-06-2013 11:48:17 Windows Update
30-06-2013 15:04:02 Installed Sophos Virus Removal Tool.
30-06-2013 17:29:00 Removed Sophos Virus Removal Tool.
==================== Hosts content: ==========================
There are more than 1000 lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {16730B1D-FF19-4019-B458-583B0F10930C} - System32\Tasks\AdobeAAMUpdater-1.0-home-jörg => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {201A9F1F-21A7-4640-B369-912633B026B6} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {277F5A78-E82A-4029-B7E1-F6F469598154} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-10-28] (CyberLink)
Task: {2B67024A-00BB-4A12-B31D-75CEAEF38327} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {597CCC43-0860-4880-8F24-B5B2B6B2D937} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {59A7CAB6-C4D9-4180-8952-DE97E258317C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {60193A6D-E0B7-480F-8AC6-289BFE6BBD06} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2799057012-1557965162-470920329-1004 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {72D588D8-BE7B-49E6-B5D6-2B21DA28DC4C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {74723509-D50E-40F4-A4E8-2B6F9D66BF61} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2011-07-28] (Microsoft Corporation)
Task: {8D90092A-3603-4DF4-B0FF-3B36A7B01AA7} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {98EAF0E2-62FF-41B5-BC9B-09C1BC06AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-29] (Google Inc.)
Task: {C7D2F019-EE9B-4EC0-84FE-9ADFE36BCD69} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {D0FD4A03-5F63-460A-A834-6F37086B10DC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {DE75400B-3886-447C-9DF1-EB96F1A9124D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-29] (Google Inc.)
Task: {E00BA8FA-2C19-46D6-B7D6-0E768914F1FE} - System32\Tasks\AdobeAAMUpdater-1.0-home-Manu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {E55DB095-337A-4A84-89A3-9E4AFF305883} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2799057012-1557965162-470920329-1007 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {FE27252D-67E3-4AE5-9D07-465D2160F3B8} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2799057012-1557965162-470920329-1003 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BearShareNAG.job => C:\Users\JRG~1\AppData\Local\Temp\BearShare_setup.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2013 07:03:01 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16490 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1e58
Startzeit: 01ce767c802d61d3
Endzeit: 25
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (07/01/2013 06:51:20 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 17.0.1.4715 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11d4
Startzeit: 01ce767b018835eb
Endzeit: 81
Anwendungspfad: D:\firefox\firefox.exe
Berichts-ID: 71ef633e-e26e-11e2-b053-b870f4817a81
Error: (07/01/2013 05:13:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2013 03:42:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 06:58:10 PM) (Source: Application Hang) (User: )
Description: Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 538
Startzeit: 01ce75b26eb7ba35
Endzeit: 12
Anwendungspfad: D:\spybot\Spybot - Search & Destroy\SpybotSD.exe
Berichts-ID:
Error: (06/30/2013 06:54:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 04:07:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 01:46:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2013 05:18:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2013 03:27:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16490, Zeitstempel: 0x51955cca
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x16a8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
System errors:
=============
Error: (07/01/2013 07:42:54 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:52 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:51 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:46 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:45 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:43 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:42 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:41 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:36 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Error: (07/01/2013 07:42:35 PM) (Source: DCOM) (User: home)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}homeadminS-1-5-21-2799057012-1557965162-470920329-1001LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (07/01/2013 07:03:01 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164901e5801ce767c802d61d325C:\Program Files (x86)\Internet Explorer\iexplore.exe
Error: (07/01/2013 06:51:20 PM) (Source: Application Hang)(User: )
Description: firefox.exe17.0.1.471511d401ce767b018835eb81D:\firefox\firefox.exe71ef633e-e26e-11e2-b053-b870f4817a81
Error: (07/01/2013 05:13:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2013 03:42:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 06:58:10 PM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.4653801ce75b26eb7ba3512D:\spybot\Spybot - Search & Destroy\SpybotSD.exe
Error: (06/30/2013 06:54:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 04:07:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2013 01:46:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2013 05:18:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2013 03:27:05 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1649051955ccantdll.dll6.1.7601.177254ec49b8fc0000374000ce6c316a801ce74cc03105549C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll96b8a9c0-e0bf-11e2-a306-b870f4817a81
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 3947.86 MB
Available physical RAM: 1316.89 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5091.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:103.86 GB) (Free:13.53 GB) NTFS (Disk=0 Partition=3)
Drive d: (Software) (Fixed) (Total:97.66 GB) (Free:79.71 GB) NTFS (Disk=0 Partition=4)
Drive e: (Data) (Fixed) (Total:244.14 GB) (Free:54.25 GB) NTFS
Drive g: (TOSHIBA) (Removable) (Total:7.21 GB) (Free:3.63 GB) FAT32 (Disk=1 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5EBAD0F3)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=342 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 6B1B7998)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
Then the FRST log.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2013 02
Ran by admin (administrator) on 01-07-2013 20:07:19
Running from C:\Users\admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Ask.com) C:\ProgramData\Ask\APN-Stub\FXTV5\Local\ApnStub.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Philips) D:\prestigo\2.1.7.0\Configo.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(ArcSoft, Inc.) D:\TV\TMMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) D:\I tunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
(Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
() D:\Downloads\setup_11.0.0.1245.x01_2013_07_01_18_13.exe
() C:\Users\admin\AppData\Local\Temp\RarSFX2\7666287.exe
(Kaspersky Lab) C:\Users\admin\AppData\Local\Temp\3067917\7666287.exe
(Mozilla Corporation) D:\firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Mozilla Corporation) D:\firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\RunOnce: [ApnStub] "C:\ProgramData\Ask\APN-Stub\FXTV5\Local\ApnStub.exe" /debug /hpr toolbar=FXTV5 dtid= /tbr /sa toolbar=FXTV5 dtid= [356520 2013-05-08] (Ask.com)
HKLM-x32\...\Runonce: [GrpConv] grpconv -o [x]
HKCU\...\Run: [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE /FU "C:\Users\admin\AppData\Local\Temp\E_SE1A8.tmp" /EF "HKCU" [x] <===== ATTENTION
HKCU\...\Run: [AdobeBridge] [x]
HKCR\...0c966feabec1\InprocServer32: [Default-shell32] %SystemRoot%\system32\shell32.dll ATTENTION! ====> ZeroAccess?
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] %SystemRoot%\system32\shell32.dll ATTENTION! ====> ZeroAccess?
MountPoints2: {8cc8f981-b8ba-11e0-a0ec-806e6f6e6963} - F:\Autorun.exe
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" -h -k [295744 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-03-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] "C:\Program Files (x86)\FreePDF_XP\fpassist.exe" [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IR_SERVER] D:\tv\IR_SERVER.exe [x]
HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] "D:\I tunes\iTunesHelper.exe" [x]
HKU\jörg\...\Run: [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE /FU "C:\Windows\TEMP\E_S5BF5.tmp" /EF "HKCU" [x] <===== ATTENTION
HKU\jörg\...\Run: [Copernic Desktop Search - Home] "D:\search\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray [x]
HKU\jörg\...\Run: [Norton Download Manager{NBRT41-B34-Retail-4abb-B07C-C084B04B4F12}] C:\Users\Public\Downloads\Norton\{NBRT41-B34-Retail-4abb-B07C-C084B04B4F12}\NBRT-Retail-Downloader.exe /m [x]
HKU\jörg\...\Winlogon: [Shell] cmd.exe [345088 2010-11-21] (Microsoft Corporation) <==== ATTENTION
HKU\jörg\...\Command Processor: <===== ATTENTION!
AppInit_DLLs: [0 ] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_07623136.lnk
ShortcutTarget: _uninst_07623136.lnk -> C:\Users\admin\AppData\Local\Temp\_uninst_07623136.bat (No File)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_62611638.lnk
ShortcutTarget: _uninst_62611638.lnk -> C:\Users\admin\AppData\Local\Temp\_uninst_62611638.bat ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_99245666.lnk
ShortcutTarget: _uninst_99245666.lnk -> C:\Users\admin\AppData\Local\Temp\_uninst_99245666.bat (No File)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Philips Configo.lnk
ShortcutTarget: Philips Configo.lnk -> D:\prestigo\2.1.7.0\Configo.exe (Philips)
Startup: C:\ProgramData\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> D:\TV\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zahlungserinnerung.lnk
ShortcutTarget: Zahlungserinnerung.lnk -> D:\Profi cash\wzed.exe ()
Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> D:\open office\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/#output=search&sclient=psy-ab&q=test&oq=test&gs_l=hp.12..0l4.9000.9329.0.11166.4.4.0.0.0.0.88.276.4.4.0...0.0...1c.1.18.psy-ab.H4SAn_fWiPk&pbx=1&bav=on.2,or.r_qf.&bvm=bv.48572450,d.Yms&fp=ca1c41bc59b1d6d5&biw=1230&bih=534
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
URLSearchHook: (No Name) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - No File
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=8712433843584564&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=8712433843584564&q={searchTerms}
HKCU SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=8712433843584564&q={searchTerms}
SearchScopes: HKCU - {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=DE&install_date=20120108&user_guid=AA59C97E440F40A1920182F9F55FF4FB&machine_id=49bd5e136d2b2f631ebe4891a8a6fb02&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=8712433843584564&q={searchTerms}
SearchScopes: HKCU - {B49ED955-277E-438A-9199-D02FF81A91EA} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3242337
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: WiseConvert 1.3 Toolbar - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files (x86)\WiseConvert_1.3\prxtbWis0.dll (Conduit Ltd.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Freeware.de Toolbar - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM-x32 - WiseConvert 1.3 Toolbar - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files (x86)\WiseConvert_1.3\prxtbWis0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No File
Toolbar: HKCU - No Name - {213C8ED6-1D78-4D8F-8729-25006AA86A76} - No File
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler-x32: ipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4b8kq9k8.default
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4b8kq9k8.default\user.js
FF SearchEngine: Search Results
FF Homepage: hxxp://www.bing.com/?cc=de
FF Keyword.URL: hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=bcde545000000000000018f46ad5266c&tlver=1.5.29.1&instlRef=sst&babTrack&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\I tunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Babylon - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4b8kq9k8.default\Extensions\ffxtlbr@babylon.com
FF Extension: SpecialSavings - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4b8kq9k8.default\Extensions\specialsavings@superfish.com
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4b8kq9k8.default\Extensions\{35379F86-8CCB-4724-AE33-4278DE266C70}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF HKLM-x32\...\Firefox\Extensions: [crossriderapp1950@crossrider.com] C:\Users\admin\AppData\Local\RewardsArcadeSuite\1950\Firefox
FF Extension: No Name - C:\Users\admin\AppData\Local\RewardsArcadeSuite\1950\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles/4b8kq9k8.default\extensions\specialsavings@superfish.com
FF Extension: SpecialSavings - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles/4b8kq9k8.default\extensions\specialsavings@superfish.com
Chrome:
=======
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Babylon Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0
CHR Extension: (RewardsArcade Suite) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.18.35_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [873064 2011-02-22] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] ()
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
==================== Drivers (Whitelisted) ====================
R0 07623136; C:\Windows\System32\DRIVERS\07623136.sys [460888 2013-05-13] (Kaspersky Lab ZAO)
R0 62611638; C:\Windows\System32\DRIVERS\62611638.sys [460888 2013-07-01] (Kaspersky Lab ZAO)
R0 99245666; C:\Windows\System32\DRIVERS\99245666.sys [460888 2013-06-22] (Kaspersky Lab ZAO)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130620.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130620.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-12] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130628.001\IDSvia64.sys [513184 2013-06-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130628.001\IDSvia64.sys [513184 2013-06-01] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130630.003\ENG64.SYS [126040 2013-06-04] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130630.003\ENG64.SYS [126040 2013-06-04] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130630.003\EX64.SYS [2098776 2013-06-04] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130630.003\EX64.SYS [2098776 2013-06-04] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-07-28] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43640 2011-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-01 20:07 - 2013-07-01 20:07 - 00000000 ____D C:\FRST
2013-07-01 20:06 - 2013-07-01 20:05 - 01933776 ____A (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-07-01 20:04 - 2013-07-01 20:05 - 01933776 ____A (Farbar) C:\Users\admin\Downloads\FRST64.exe
2013-07-01 19:15 - 2013-07-01 19:15 - 00000000 ____D C:\Users\admin\AppData\Local\Macromedia
2013-07-01 19:01 - 2013-07-01 19:01 - 00000000 ____D C:\Users\JD\AppData\Local\{3D9F68A6-A700-4BD6-B3D7-E00B98D0E883}
2013-07-01 18:49 - 2013-07-01 18:49 - 00008764 ____A C:\Users\Manu\Desktop\favoriten.htm
2013-07-01 18:48 - 2013-07-01 18:48 - 00000000 ____A C:\Users\Manu\Desktop\lesezeichen.html
2013-07-01 18:47 - 2013-07-01 18:47 - 00008764 ____A C:\Users\Manu\Desktop\bookmark.htm
2013-07-01 18:06 - 2013-07-01 18:13 - 00460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\62611638.sys
2013-07-01 15:44 - 2013-07-01 15:44 - 00000000 ____D C:\Users\Manu\AppData\Local\{BE2D3B67-3432-4D70-9484-89DE2876AE15}
2013-06-30 19:31 - 2013-06-22 16:02 - 00460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\99245666.sys
2013-06-30 19:13 - 2013-06-30 19:14 - 00000000 ____D C:\Users\JD\Desktop\Tai Chi
2013-06-30 18:46 - 2013-06-30 18:46 - 00001453 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-30 18:45 - 2013-06-30 18:45 - 00000000 ____D C:\Program Files\iTunes
2013-06-30 18:45 - 2013-06-30 18:45 - 00000000 ____D C:\Program Files\iPod
2013-06-30 16:48 - 2013-06-30 16:57 - 00000000 ____D C:\Users\JD\AppData\Roaming\vlc
2013-06-30 16:40 - 2013-06-30 16:47 - 00000000 ____D C:\Users\JD\AppData\Local\{4B6F1783-475F-4BBA-B2E4-A2E1066B7B92}
2013-06-30 16:40 - 2013-06-30 16:40 - 00000000 ____D C:\Users\JD\AppData\Local\{305B313F-8EAF-47FE-9E73-6FBB8F7B581B}
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{B6C34DF3-9A63-4832-9B58-84F2D7A73B36}
2013-06-30 13:51 - 2013-06-30 13:51 - 00000000 ____D C:\Users\JD\AppData\Roaming\Mozilla
2013-06-30 13:51 - 2013-06-30 13:51 - 00000000 ____D C:\Users\JD\AppData\Local\Mozilla
2013-06-29 16:27 - 2013-06-29 16:28 - 00000000 ____D C:\Users\JD\MediaEspresso
2013-06-29 16:27 - 2013-06-29 16:27 - 00000000 ____D C:\Users\JD\AppData\Roaming\CyberLink
2013-06-29 16:05 - 2013-06-30 18:47 - 00000000 ____D C:\Users\JD\AppData\Roaming\Applian FLV and Media Player
2013-06-29 16:03 - 2013-06-29 16:03 - 00156028 ____A C:\Users\JD\Desktop\libmp3lame-win-3.97.zip
2013-06-29 16:02 - 2013-06-29 17:16 - 00000000 ____D C:\Users\JD\AppData\Roaming\Orbit
2013-06-29 16:02 - 2013-06-29 16:02 - 00000000 ____D C:\Users\JD\AppData\Roaming\ProgSense
2013-06-29 15:58 - 2013-06-30 19:09 - 00000000 ____D C:\Users\JD\AppData\Roaming\Audacity
2013-06-29 15:57 - 2013-06-30 18:40 - 00019086 ____A C:\Users\JD\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil.aup
2013-06-29 15:57 - 2013-06-29 15:57 - 00000000 ____D C:\Users\JD\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil_data
2013-06-29 15:57 - 2013-06-04 20:36 - 00001609 ____A C:\Users\JD\Desktop\Zugangsdaten.doc - Verknüpfung.lnk
2013-06-29 15:57 - 2013-03-24 21:33 - 35210877 ____A C:\Users\JD\Desktop\0004.mp4
2013-06-29 15:57 - 2013-03-24 17:51 - 71403622 ____A C:\Users\JD\Desktop\0001.mp4
2013-06-29 15:57 - 2013-03-10 13:26 - 00001333 ____A C:\Users\JD\Desktop\IMG_3288.JPG - Verknüpfung.lnk
2013-06-29 15:57 - 2013-03-03 23:43 - 00001494 ____A C:\Users\JD\Desktop\Photoshop.lnk
2013-06-29 15:57 - 2012-09-05 20:27 - 00001109 ____A C:\Users\JD\Desktop\audacity..lnk
2013-06-29 15:57 - 2012-07-29 19:19 - 00001154 ____A C:\Users\JD\Desktop\FreeVideoPerformer.lnk
2013-06-29 15:57 - 2012-03-22 22:05 - 00000855 ____A C:\Users\JD\Desktop\TotalMedia.lnk
2013-06-29 15:57 - 2012-01-04 17:46 - 00001010 ____A C:\Users\JD\Desktop\Teamviewer.lnk
2013-06-29 15:57 - 2011-11-08 20:32 - 00000541 ____A C:\Users\JD\Desktop\Profi cash.lnk
2013-06-29 15:57 - 2011-07-30 22:45 - 00000967 ____A C:\Users\JD\Desktop\WORD.lnk
2013-06-29 15:57 - 2011-07-30 22:41 - 00000975 ____A C:\Users\JD\Desktop\EXCEL -.lnk
2013-06-29 15:57 - 2011-07-30 21:08 - 00000355 ____A C:\Users\JD\Desktop\home.lnk
2013-06-29 15:57 - 2011-04-19 13:21 - 00001272 ____A C:\Users\JD\Desktop\Snipping Tool.lnk
2013-06-29 15:57 - 2010-10-26 13:22 - 05661184 ____A (Digiarty Software, Inc.) C:\Users\JD\Desktop\WinX_Free_FLV_to_MP4_Converter.exe
2013-06-29 14:14 - 2013-06-29 14:14 - 00000000 ____D C:\Users\Manu\AppData\Local\{8D5FB07C-1332-4180-811D-0B0937414065}
2013-06-28 13:45 - 2013-06-28 13:45 - 00000000 ____D C:\Users\Manu\AppData\Local\{CF15F97D-FD2A-4921-9620-F46E5FAE8FE9}
2013-06-27 15:46 - 2013-06-27 15:46 - 00000000 ____D C:\Users\Manu\AppData\Local\{8D30D727-0318-40CE-BBBF-2EE5696849ED}
2013-06-26 19:16 - 2013-06-26 19:16 - 00013304 ____A C:\Users\JD\Desktop\SnippingTool - Verknüpfung.lnk
2013-06-26 19:11 - 2013-06-26 19:12 - 00000000 ____D C:\Users\JD\AppData\Local\{C5EB48C1-30C5-4AEF-9AD7-D4E702E19C4D}
2013-06-26 16:22 - 2013-06-26 16:22 - 00000000 ____D C:\Users\Manu\AppData\Local\{12172258-93F8-4732-B7DB-EA3ABDD86310}
2013-06-25 19:12 - 2013-06-25 19:12 - 00000000 ____D C:\Users\Manu\AppData\Local\{81026923-5E18-4EA7-B18D-3CD51D7B2524}
2013-06-24 15:49 - 2013-06-24 15:49 - 00000000 ____D C:\Users\Manu\AppData\Local\{BFEDC1D9-3EBA-4CCE-8A01-0AC2B1BE3311}
2013-06-23 20:40 - 2013-06-23 20:40 - 00000000 ____D C:\Users\Manu\AppData\Local\{E3FEFA46-4EE9-4B5F-82AC-51C42AEFCFA8}
2013-06-23 19:32 - 2013-06-23 19:32 - 00000000 ____D C:\Users\JD\AppData\Local\Apple
2013-06-23 18:24 - 2013-06-23 18:24 - 00000000 ____D C:\Users\JD\AppData\Roaming\EPSON
2013-06-23 18:23 - 2013-06-23 18:23 - 00000000 ____A C:\Users\JD\Sti_Trace.log
2013-06-23 14:39 - 2013-06-23 14:39 - 00001502 ____A C:\Users\JD\Desktop\Windows Live Mail.lnk
2013-06-23 13:47 - 2013-06-29 15:27 - 00000000 ____D C:\Users\JD\AppData\Local\CrashDumps
2013-06-23 13:24 - 2013-06-23 13:30 - 00000000 ____D C:\Users\JD\AppData\Roaming\Google
2013-06-23 13:24 - 2013-06-23 13:30 - 00000000 ____D C:\Users\JD\AppData\Local\Google
2013-06-23 13:21 - 2013-06-23 22:37 - 00000000 ____D C:\Users\JD\AppData\Roaming\Windows Live Writer
2013-06-23 13:21 - 2013-06-23 20:22 - 00000000 ____D C:\Users\JD\AppData\Local\Windows Live Writer
2013-06-23 13:21 - 2013-06-23 13:21 - 00000000 ____D C:\Users\JD\AppData\Local\{7D8C5629-8D8E-40C7-8407-BAAA224646DF}
2013-06-23 13:20 - 2013-06-23 13:20 - 00000000 ____D C:\Users\JD\AppData\Local\ArcSoft
2013-06-23 13:19 - 2013-06-30 16:40 - 00000000 ____D C:\Users\JD\AppData\Local\Windows Live
2013-06-23 13:19 - 2013-06-30 16:21 - 00000000 ____D C:\users\JD
2013-06-23 13:19 - 2013-06-28 18:25 - 00000000 ____D C:\Users\JD\AppData\Local\Apple Computer
2013-06-23 13:19 - 2013-06-23 19:32 - 00000000 ____D C:\Users\JD\AppData\Roaming\Apple Computer
2013-06-23 13:19 - 2013-06-23 18:30 - 00000000 ____D C:\Users\JD\AppData\Roaming\Adobe
2013-06-23 13:19 - 2013-06-23 18:30 - 00000000 ____D C:\Users\JD\AppData\Local\Adobe
2013-06-23 13:19 - 2013-06-23 13:26 - 00002267 ____A C:\Users\JD\Desktop\Google Chrome.lnk
2013-06-23 13:19 - 2013-06-23 13:20 - 00000000 ____D C:\Users\JD\AppData\Roaming\ArcSoft
2013-06-23 13:19 - 2013-06-23 13:19 - 00073384 ____A C:\Users\JD\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Vorlagen
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Startmenü
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Netzwerkumgebung
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Lokale Einstellungen
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Eigene Dateien
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Druckumgebung
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Documents\Eigene Musik
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Documents\Eigene Bilder
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\AppData\Local\Verlauf
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\AppData\Local\Anwendungsdaten
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Anwendungsdaten
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Local\VirtualStore
2013-06-23 13:19 - 2011-04-19 14:30 - 00000000 ____D C:\Users\JD\AppData\Local\Cyberlink
2013-06-23 13:19 - 2011-04-19 14:25 - 00000000 ____D C:\Users\JD\AppData\Roaming\Macromedia
2013-06-23 13:19 - 2011-04-19 13:33 - 00000000 ____D C:\Users\JD\AppData\Roaming\Intel Corporation
2013-06-23 13:19 - 2011-04-19 13:31 - 00000000 ____D C:\Users\JD\AppData\Roaming\InstallShield
2013-06-23 13:19 - 2010-11-21 04:50 - 00000020 ___SH C:\Users\JD\ntuser.ini
2013-06-22 15:56 - 2013-06-22 15:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 15:56 - 2013-06-22 15:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-21 17:06 - 2013-06-21 17:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{58054010-D9C4-493A-BA5C-ECC6AB248295}
2013-06-20 14:55 - 2013-06-20 14:56 - 00000000 ____D C:\Users\Manu\AppData\Local\{20F75D8B-C59D-4957-B684-2730AE880216}
2013-06-19 14:43 - 2013-06-19 14:43 - 00000000 ____D C:\Users\Manu\AppData\Local\{EB4454CD-9472-471D-82BD-C8AC2DC6FADA}
2013-06-18 23:02 - 2013-06-18 23:02 - 09755584 ____A (SurfRight B.V.) C:\Users\admin\Downloads\hitmanpro_x64.exe
2013-06-18 22:34 - 2013-06-18 22:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-18 22:32 - 2013-05-13 16:56 - 00460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\07623136.sys
2013-06-18 22:02 - 2013-06-18 22:02 - 01084698 ____A C:\ProgramData\2433f433
2013-06-18 22:02 - 2013-06-18 22:02 - 01084684 ____A C:\Users\jörg\AppData\Roaming\2433f433
2013-06-18 22:02 - 2013-06-18 22:02 - 01084669 ____A C:\Users\jörg\AppData\Local\2433f433
2013-06-18 19:07 - 2013-06-18 19:07 - 00000000 ____D C:\Users\jörg\AppData\Local\{A2442D88-5E58-49A3-A333-204F436735D8}
2013-06-16 17:32 - 2013-06-16 17:32 - 00000000 ____D C:\Users\jörg\AppData\Local\{267C70E8-5B72-45D7-9CDF-DECD5E6E3A5C}
2013-06-14 15:25 - 2013-06-14 15:25 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 14:56 - 2013-06-14 14:56 - 00000000 ____D C:\Users\Manu\AppData\Local\{99EE7253-67B4-4F61-A8BC-9177B9312D33}
2013-06-13 16:44 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 16:44 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 16:44 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 16:44 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 16:44 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 16:44 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 16:44 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 16:44 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-13 16:44 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-13 16:44 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-13 16:44 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-13 16:44 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 16:44 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-13 16:43 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 16:43 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 16:43 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 16:43 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 16:43 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 16:43 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 16:43 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-13 16:43 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 16:43 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 16:43 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 16:43 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-13 16:43 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-13 16:43 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 16:43 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-13 16:43 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-13 16:43 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 16:43 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 16:43 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 16:43 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-13 16:16 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 16:16 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 16:16 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 16:16 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 16:16 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 16:16 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-13 16:16 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 16:16 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 16:16 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 16:16 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-13 16:14 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-13 16:14 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 16:14 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 16:14 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 16:14 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-13 16:06 - 2013-06-13 16:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{44E2793B-6AD0-41D5-B25A-69DFDE532F57}
2013-06-11 14:53 - 2013-06-11 14:53 - 00000000 ____D C:\Users\Manu\AppData\Local\{A0821F0E-E78A-4601-B328-5A5F35668781}
2013-06-10 20:44 - 2013-06-10 20:44 - 00000000 ____D C:\Users\jörg\AppData\Local\{7563DCB8-3CAB-493E-A1E5-3BFAA1192631}
2013-06-09 19:30 - 2013-06-09 19:30 - 00000000 ____D C:\Users\Manu\AppData\Local\{FEC6F72C-007B-4073-A665-3FDE103D2FAE}
2013-06-08 09:48 - 2013-06-08 09:48 - 00000000 ____D C:\Users\Manu\AppData\Local\{C463F1D9-FD8A-47BF-8DC5-44B3DFA22AB7}
2013-06-07 16:04 - 2013-06-07 16:04 - 00000000 ____D C:\Users\Manu\AppData\Local\{377F3E1B-52C1-418A-A5B0-397F38965AE9}
2013-06-06 18:43 - 2013-06-06 18:43 - 00000000 ____D C:\Users\jörg\AppData\Local\{65138475-27C5-448E-BCB3-4A88B43B1F56}
2013-06-06 16:14 - 2013-06-06 16:14 - 00000000 ____D C:\Users\Manu\AppData\Local\{C5CCD79F-D5C9-408F-A647-387609FE459E}
2013-06-05 16:38 - 2013-06-05 16:38 - 00000000 ____D C:\Users\Manu\AppData\Local\{2630AFAC-26F1-4E03-86ED-E810169F8E2B}
2013-06-04 20:41 - 2013-06-04 20:41 - 00000000 ____D C:\Users\jörg\AppData\Local\{C3C906FE-0FE4-43D6-96B6-5937D326E06F}
2013-06-04 20:36 - 2013-06-04 20:36 - 00001609 ____A C:\Users\jörg\Desktop\Zugangsdaten.doc - Verknüpfung.lnk
2013-06-04 19:40 - 2013-06-04 19:40 - 00000000 ____D C:\Users\jörg\AppData\Local\{3C44CF72-A437-41AE-AFC5-C9EC1DF8556D}
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\Manu\AppData\Local\{BD654D46-DA3D-439F-9F7C-6EE6485BDE83}
2013-06-03 14:15 - 2013-06-03 14:15 - 00000000 ____D C:\Users\Manu\AppData\Local\{80A46B06-9E39-4984-802A-96CBCF0E00E4}
2013-06-02 21:45 - 2013-06-02 21:45 - 00000000 ____D C:\Users\jörg\AppData\Local\{9C36CA55-8318-41D5-860F-7056DC52E4B6}
2013-06-02 19:16 - 2013-06-02 21:29 - 00019764 ____A C:\Users\jörg\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil.aup
2013-06-02 19:16 - 2013-06-02 19:16 - 00000000 ____D C:\Users\jörg\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil_data
2013-06-02 11:17 - 2013-06-02 11:17 - 00000000 ____D C:\Users\Manu\AppData\Local\{9DDD6CF3-BA43-42BE-B0C0-593440A39EC4}
==================== One Month Modified Files and Folders =======
2013-07-01 20:07 - 2013-07-01 20:07 - 00000000 ____D C:\FRST
2013-07-01 20:07 - 2011-08-05 18:47 - 00000000 ____D C:\Users\admin\AppData\Roaming\Apple Computer
2013-07-01 20:05 - 2013-07-01 20:06 - 01933776 ____A (Farbar) C:\Users\admin\Desktop\FRST64.exe
2013-07-01 20:05 - 2013-07-01 20:04 - 01933776 ____A (Farbar) C:\Users\admin\Downloads\FRST64.exe
2013-07-01 20:04 - 2011-07-28 13:36 - 00659690 ____A C:\Windows\System32\perfh007.dat
2013-07-01 20:04 - 2011-07-28 13:36 - 00132970 ____A C:\Windows\System32\perfc007.dat
2013-07-01 20:04 - 2009-07-14 07:13 - 01513970 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 20:01 - 2009-07-14 06:51 - 00152200 ____A C:\Windows\setupact.log
2013-07-01 19:25 - 2012-07-18 18:09 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 19:15 - 2013-07-01 19:15 - 00000000 ____D C:\Users\admin\AppData\Local\Macromedia
2013-07-01 19:15 - 2011-07-29 21:19 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 19:01 - 2013-07-01 19:01 - 00000000 ____D C:\Users\JD\AppData\Local\{3D9F68A6-A700-4BD6-B3D7-E00B98D0E883}
2013-07-01 18:59 - 2011-07-29 21:19 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 18:58 - 2012-04-11 10:47 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Orbit
2013-07-01 18:49 - 2013-07-01 18:49 - 00008764 ____A C:\Users\Manu\Desktop\favoriten.htm
2013-07-01 18:48 - 2013-07-01 18:48 - 00000000 ____A C:\Users\Manu\Desktop\lesezeichen.html
2013-07-01 18:47 - 2013-07-01 18:47 - 00008764 ____A C:\Users\Manu\Desktop\bookmark.htm
2013-07-01 18:13 - 2013-07-01 18:06 - 00460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\62611638.sys
2013-07-01 18:02 - 2012-01-01 15:53 - 00000000 ____D C:\Users\admin\AppData\Roaming\Orbit
2013-07-01 17:58 - 2011-07-28 03:43 - 01742806 ____A C:\Windows\WindowsUpdate.log
2013-07-01 17:21 - 2011-07-28 22:54 - 00000000 ____D C:\users\Manu
2013-07-01 17:20 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-01 17:20 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-01 17:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 15:51 - 2011-07-28 22:54 - 00000000 ____D C:\Users\Manu\AppData\Local\Adobe
2013-07-01 15:44 - 2013-07-01 15:44 - 00000000 ____D C:\Users\Manu\AppData\Local\{BE2D3B67-3432-4D70-9484-89DE2876AE15}
2013-06-30 19:14 - 2013-06-30 19:13 - 00000000 ____D C:\Users\JD\Desktop\Tai Chi
2013-06-30 19:09 - 2013-06-29 15:58 - 00000000 ____D C:\Users\JD\AppData\Roaming\Audacity
2013-06-30 18:52 - 2010-11-21 05:47 - 00131768 ____A C:\Windows\PFRO.log
2013-06-30 18:47 - 2013-06-29 16:05 - 00000000 ____D C:\Users\JD\AppData\Roaming\Applian FLV and Media Player
2013-06-30 18:46 - 2013-06-30 18:46 - 00001453 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-30 18:45 - 2013-06-30 18:45 - 00000000 ____D C:\Program Files\iTunes
2013-06-30 18:45 - 2013-06-30 18:45 - 00000000 ____D C:\Program Files\iPod
2013-06-30 18:45 - 2013-01-01 15:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-30 18:40 - 2013-06-29 15:57 - 00019086 ____A C:\Users\JD\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil.aup
2013-06-30 17:33 - 2012-02-25 18:49 - 00003192 ____A C:\Windows\wininit.ini
2013-06-30 16:57 - 2013-06-30 16:48 - 00000000 ____D C:\Users\JD\AppData\Roaming\vlc
2013-06-30 16:47 - 2013-06-30 16:40 - 00000000 ____D C:\Users\JD\AppData\Local\{4B6F1783-475F-4BBA-B2E4-A2E1066B7B92}
2013-06-30 16:40 - 2013-06-30 16:40 - 00000000 ____D C:\Users\JD\AppData\Local\{305B313F-8EAF-47FE-9E73-6FBB8F7B581B}
2013-06-30 16:40 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Local\Windows Live
2013-06-30 16:21 - 2013-06-23 13:19 - 00000000 ____D C:\users\JD
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{B6C34DF3-9A63-4832-9B58-84F2D7A73B36}
2013-06-30 13:51 - 2013-06-30 13:51 - 00000000 ____D C:\Users\JD\AppData\Roaming\Mozilla
2013-06-30 13:51 - 2013-06-30 13:51 - 00000000 ____D C:\Users\JD\AppData\Local\Mozilla
2013-06-29 17:16 - 2013-06-29 16:02 - 00000000 ____D C:\Users\JD\AppData\Roaming\Orbit
2013-06-29 16:28 - 2013-06-29 16:27 - 00000000 ____D C:\Users\JD\MediaEspresso
2013-06-29 16:27 - 2013-06-29 16:27 - 00000000 ____D C:\Users\JD\AppData\Roaming\CyberLink
2013-06-29 16:03 - 2013-06-29 16:03 - 00156028 ____A C:\Users\JD\Desktop\libmp3lame-win-3.97.zip
2013-06-29 16:02 - 2013-06-29 16:02 - 00000000 ____D C:\Users\JD\AppData\Roaming\ProgSense
2013-06-29 15:57 - 2013-06-29 15:57 - 00000000 ____D C:\Users\JD\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil_data
2013-06-29 15:27 - 2013-06-23 13:47 - 00000000 ____D C:\Users\JD\AppData\Local\CrashDumps
2013-06-29 14:39 - 2011-07-29 21:41 - 00000000 ____D C:\Users\Manu\AppData\Local\FreePDF_XP
2013-06-29 14:14 - 2013-06-29 14:14 - 00000000 ____D C:\Users\Manu\AppData\Local\{8D5FB07C-1332-4180-811D-0B0937414065}
2013-06-28 18:25 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Local\Apple Computer
2013-06-28 13:45 - 2013-06-28 13:45 - 00000000 ____D C:\Users\Manu\AppData\Local\{CF15F97D-FD2A-4921-9620-F46E5FAE8FE9}
2013-06-28 13:42 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-27 15:46 - 2013-06-27 15:46 - 00000000 ____D C:\Users\Manu\AppData\Local\{8D30D727-0318-40CE-BBBF-2EE5696849ED}
2013-06-26 19:16 - 2013-06-26 19:16 - 00013304 ____A C:\Users\JD\Desktop\SnippingTool - Verknüpfung.lnk
2013-06-26 19:12 - 2013-06-26 19:11 - 00000000 ____D C:\Users\JD\AppData\Local\{C5EB48C1-30C5-4AEF-9AD7-D4E702E19C4D}
2013-06-26 16:22 - 2013-06-26 16:22 - 00000000 ____D C:\Users\Manu\AppData\Local\{12172258-93F8-4732-B7DB-EA3ABDD86310}
2013-06-25 19:12 - 2013-06-25 19:12 - 00000000 ____D C:\Users\Manu\AppData\Local\{81026923-5E18-4EA7-B18D-3CD51D7B2524}
2013-06-25 15:12 - 2013-02-10 18:05 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-06-24 15:49 - 2013-06-24 15:49 - 00000000 ____D C:\Users\Manu\AppData\Local\{BFEDC1D9-3EBA-4CCE-8A01-0AC2B1BE3311}
2013-06-23 22:37 - 2013-06-23 13:21 - 00000000 ____D C:\Users\JD\AppData\Roaming\Windows Live Writer
2013-06-23 20:40 - 2013-06-23 20:40 - 00000000 ____D C:\Users\Manu\AppData\Local\{E3FEFA46-4EE9-4B5F-82AC-51C42AEFCFA8}
2013-06-23 20:22 - 2013-06-23 13:21 - 00000000 ____D C:\Users\JD\AppData\Local\Windows Live Writer
2013-06-23 19:32 - 2013-06-23 19:32 - 00000000 ____D C:\Users\JD\AppData\Local\Apple
2013-06-23 19:32 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Roaming\Apple Computer
2013-06-23 18:30 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Roaming\Adobe
2013-06-23 18:30 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Local\Adobe
2013-06-23 18:24 - 2013-06-23 18:24 - 00000000 ____D C:\Users\JD\AppData\Roaming\EPSON
2013-06-23 18:23 - 2013-06-23 18:23 - 00000000 ____A C:\Users\JD\Sti_Trace.log
2013-06-23 18:13 - 2011-07-29 20:16 - 00000403 ____A C:\Windows\ODBC.INI
2013-06-23 14:39 - 2013-06-23 14:39 - 00001502 ____A C:\Users\JD\Desktop\Windows Live Mail.lnk
2013-06-23 13:30 - 2013-06-23 13:24 - 00000000 ____D C:\Users\JD\AppData\Roaming\Google
2013-06-23 13:30 - 2013-06-23 13:24 - 00000000 ____D C:\Users\JD\AppData\Local\Google
2013-06-23 13:26 - 2013-06-23 13:19 - 00002267 ____A C:\Users\JD\Desktop\Google Chrome.lnk
2013-06-23 13:21 - 2013-06-23 13:21 - 00000000 ____D C:\Users\JD\AppData\Local\{7D8C5629-8D8E-40C7-8407-BAAA224646DF}
2013-06-23 13:20 - 2013-06-23 13:20 - 00000000 ____D C:\Users\JD\AppData\Local\ArcSoft
2013-06-23 13:20 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Roaming\ArcSoft
2013-06-23 13:19 - 2013-06-23 13:19 - 00073384 ____A C:\Users\JD\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Vorlagen
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Startmenü
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Netzwerkumgebung
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Lokale Einstellungen
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Eigene Dateien
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Druckumgebung
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Documents\Eigene Musik
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Documents\Eigene Bilder
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\AppData\Local\Verlauf
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\AppData\Local\Anwendungsdaten
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 __SHD C:\Users\JD\Anwendungsdaten
2013-06-23 13:19 - 2013-06-23 13:19 - 00000000 ____D C:\Users\JD\AppData\Local\VirtualStore
2013-06-22 19:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-22 16:02 - 2013-06-30 19:31 - 00460888 ____A (Kaspersky Lab ZAO) C:\Windows\System32\Drivers\99245666.sys
2013-06-22 15:56 - 2013-06-22 15:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 15:56 - 2013-06-22 15:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 15:56 - 2013-03-05 20:57 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 15:56 - 2013-03-05 20:57 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 15:56 - 2012-09-23 12:31 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-22 15:56 - 2011-08-21 12:11 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 15:56 - 2011-08-21 12:11 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-22 15:40 - 2013-05-08 15:25 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-22 15:28 - 2013-05-08 15:26 - 00000898 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-21 17:06 - 2013-06-21 17:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{58054010-D9C4-493A-BA5C-ECC6AB248295}
2013-06-20 14:56 - 2013-06-20 14:55 - 00000000 ____D C:\Users\Manu\AppData\Local\{20F75D8B-C59D-4957-B684-2730AE880216}
2013-06-19 14:43 - 2013-06-19 14:43 - 00000000 ____D C:\Users\Manu\AppData\Local\{EB4454CD-9472-471D-82BD-C8AC2DC6FADA}
2013-06-18 23:02 - 2013-06-18 23:02 - 09755584 ____A (SurfRight B.V.) C:\Users\admin\Downloads\hitmanpro_x64.exe
2013-06-18 22:34 - 2013-06-18 22:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-18 22:02 - 2013-06-18 22:02 - 01084698 ____A C:\ProgramData\2433f433
2013-06-18 22:02 - 2013-06-18 22:02 - 01084684 ____A C:\Users\jörg\AppData\Roaming\2433f433
2013-06-18 22:02 - 2013-06-18 22:02 - 01084669 ____A C:\Users\jörg\AppData\Local\2433f433
2013-06-18 19:14 - 2011-07-30 21:00 - 00000000 ____D C:\Users\jörg\AppData\Local\Adobe
2013-06-18 19:07 - 2013-06-18 19:07 - 00000000 ____D C:\Users\jörg\AppData\Local\{A2442D88-5E58-49A3-A333-204F436735D8}
2013-06-16 17:32 - 2013-06-16 17:32 - 00000000 ____D C:\Users\jörg\AppData\Local\{267C70E8-5B72-45D7-9CDF-DECD5E6E3A5C}
2013-06-14 15:25 - 2013-06-14 15:25 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-14 15:25 - 2012-04-23 14:17 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 15:25 - 2011-08-17 18:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 14:56 - 2013-06-14 14:56 - 00000000 ____D C:\Users\Manu\AppData\Local\{99EE7253-67B4-4F61-A8BC-9177B9312D33}
2013-06-13 16:09 - 2011-07-28 22:40 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 16:06 - 2013-06-13 16:06 - 00000000 ____D C:\Users\Manu\AppData\Local\{44E2793B-6AD0-41D5-B25A-69DFDE532F57}
2013-06-11 14:53 - 2013-06-11 14:53 - 00000000 ____D C:\Users\Manu\AppData\Local\{A0821F0E-E78A-4601-B328-5A5F35668781}
2013-06-10 20:44 - 2013-06-10 20:44 - 00000000 ____D C:\Users\jörg\AppData\Local\{7563DCB8-3CAB-493E-A1E5-3BFAA1192631}
2013-06-09 19:30 - 2013-06-09 19:30 - 00000000 ____D C:\Users\Manu\AppData\Local\{FEC6F72C-007B-4073-A665-3FDE103D2FAE}
2013-06-08 09:48 - 2013-06-08 09:48 - 00000000 ____D C:\Users\Manu\AppData\Local\{C463F1D9-FD8A-47BF-8DC5-44B3DFA22AB7}
2013-06-07 16:04 - 2013-06-07 16:04 - 00000000 ____D C:\Users\Manu\AppData\Local\{377F3E1B-52C1-418A-A5B0-397F38965AE9}
2013-06-06 18:43 - 2013-06-06 18:43 - 00000000 ____D C:\Users\jörg\AppData\Local\{65138475-27C5-448E-BCB3-4A88B43B1F56}
2013-06-06 16:14 - 2013-06-06 16:14 - 00000000 ____D C:\Users\Manu\AppData\Local\{C5CCD79F-D5C9-408F-A647-387609FE459E}
2013-06-05 16:38 - 2013-06-05 16:38 - 00000000 ____D C:\Users\Manu\AppData\Local\{2630AFAC-26F1-4E03-86ED-E810169F8E2B}
2013-06-04 20:41 - 2013-06-04 20:41 - 00000000 ____D C:\Users\jörg\AppData\Local\{C3C906FE-0FE4-43D6-96B6-5937D326E06F}
2013-06-04 20:36 - 2013-06-29 15:57 - 00001609 ____A C:\Users\JD\Desktop\Zugangsdaten.doc - Verknüpfung.lnk
2013-06-04 20:36 - 2013-06-04 20:36 - 00001609 ____A C:\Users\jörg\Desktop\Zugangsdaten.doc - Verknüpfung.lnk
2013-06-04 20:32 - 2011-07-30 21:00 - 00000000 ____D C:\users\jörg
2013-06-04 20:30 - 2012-09-05 18:23 - 00000000 ____D C:\Users\jörg\AppData\Roaming\Audacity
2013-06-04 20:30 - 2012-01-14 17:51 - 00000000 ____D C:\Users\jörg\AppData\Roaming\vlc
2013-06-04 20:30 - 2011-08-27 15:16 - 00000000 ____D C:\Program Files (x86)\gs
2013-06-04 20:30 - 2011-07-29 21:03 - 00000000 ____D C:\Program Files (x86)\FreePDF_XP
2013-06-04 20:30 - 2011-07-28 22:25 - 00000000 ____D C:\users\admin
2013-06-04 20:30 - 2011-04-19 14:26 - 00000000 ____D C:\ProgramData\Norton
2013-06-04 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-04 20:28 - 2013-05-08 15:25 - 00000000 ____D C:\ProgramData\Ask
2013-06-04 20:28 - 2012-01-01 15:53 - 00000000 ____D C:\Users\jörg\AppData\Roaming\Orbit
2013-06-04 20:14 - 2011-08-28 10:51 - 00000000 ____D C:\Users\admin\AppData\Local\FreePDF_XP
2013-06-04 20:12 - 2011-07-29 21:03 - 00000000 ____D C:\ProgramData\FreePDF
2013-06-04 19:40 - 2013-06-04 19:40 - 00000000 ____D C:\Users\jörg\AppData\Local\{3C44CF72-A437-41AE-AFC5-C9EC1DF8556D}
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\Manu\AppData\Local\{BD654D46-DA3D-439F-9F7C-6EE6485BDE83}
2013-06-03 14:15 - 2013-06-03 14:15 - 00000000 ____D C:\Users\Manu\AppData\Local\{80A46B06-9E39-4984-802A-96CBCF0E00E4}
2013-06-02 21:45 - 2013-06-02 21:45 - 00000000 ____D C:\Users\jörg\AppData\Local\{9C36CA55-8318-41D5-860F-7056DC52E4B6}
2013-06-02 21:29 - 2013-06-02 19:16 - 00019764 ____A C:\Users\jörg\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil.aup
2013-06-02 19:16 - 2013-06-02 19:16 - 00000000 ____D C:\Users\jörg\Desktop\mp3- Tai Chi Chuan ( Taiji) Traditioneller Yang Stil - 108er Langform 2. Teil_data
2013-06-02 11:17 - 2013-06-02 11:17 - 00000000 ____D C:\Users\Manu\AppData\Local\{9DDD6CF3-BA43-42BE-B0C0-593440A39EC4}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-22 18:59
==================== End Of Log ============================
When will ComboFix be finished??? Where is the log file???