Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Sicherheitscenter deaktivert und Virus TR/Mevade A.95 (https://www.trojaner-board.de/141091-sicherheitscenter-deaktivert-virus-tr-mevade-a-95-a.html)

Ralf 1973 06.09.2013 14:41
Sicherheitscenter deaktivert und Virus TR/Mevade A.95
 
Hallo zusammen,
in den letzten Tagen hat mein Antivir (Avira) folgende Dateien in Quarantäne gesetzt: TR/Mevade.A.83 (am 02.09.) und TR/Mevade.A.95 (am 05.09.).
Parallel stelle ich fest, dass nach dem Hochfahren immer wieder die Meldung kommt, dass das Sicherheitscenter mit den Komponenten ausgeschaltet ist. Manuell lässt es sich problemlos einschalten und bleibt dann auch aktiv.
Kann es da einen Zusammenhang geben?
Ist zu befürchten, dass es eine stärkere Verseuchung gibt oder sollte das mit Antivir zu lösen sein.
Weder Antivir noch Kapersky findet noch Gefahren...

Gruß
Ralf

schrauber 06.09.2013 14:43
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Ralf 1973 06.09.2013 15:10

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2013
Ran by Ralf (administrator) on RALF-NOTEBOOK on 06-09-2013 15:55:33
Running from C:\Download\Download
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Hewlett-Packard Corporation) C:\Windows\system32\Hpservice.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Idea2) C:\Program Files\Desktop Sidebar\dsidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\Ralf\AppData\Roaming\Dropbox\bin\Dropbox.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Tor\tor.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\avcenter.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-27] (Synaptics, Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3842048 2008-03-19] (Analog Devices, Inc.)
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [177456 2008-05-14] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2008-04-04] (Analog Devices, Inc.)
HKLM\...\Run: [NWEReboot] -  [x]
HKLM\...\Run: [AllShareAgent] - C:\Program Files\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [282624 2013-03-18] (Apple Computer, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [SIDEBAR] - C:\Program Files\Desktop Sidebar\dsidebar.exe [1777664 2006-07-09] (Idea2)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [KSS] - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
MountPoints2: {65430df7-92f5-11e2-b42b-00248166c84e} - I:\Setup.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ralf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll (Idea2)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Ralf\AppData\Roaming\Mozilla\Firefox\Path=D:\Daten\Mozilla\Firefox\Profil Alex\u9f0esdm.alex
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
R2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.)
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 tor; C:\Program Files\Tor\tor.exe [3233806 2013-09-01] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-02] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1804160 2008-04-10] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-06 14:07 - 2013-09-06 14:07 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2013-09-06 14:06 - 2013-09-06 14:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-06 14:06 - 2013-09-06 14:06 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-09-04 13:29 - 2013-09-04 13:31 - 98786469 _____ D:\Virtual Desktop\Bruxelles.mp4
2013-09-03 15:24 - 2013-09-03 15:24 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\OpenOffice
2013-09-03 15:10 - 2013-09-03 15:11 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-09-03 15:03 - 2013-09-03 15:03 - 00019716 _____ D:\Virtual Desktop\Brief Villigst.odt
2013-09-02 17:42 - 2013-09-05 17:36 - 00023063 _____ D:\Virtual Desktop\Plan 09-10-13.odt
2013-09-01 10:46 - 2013-09-01 10:46 - 00000000 ____D C:\Program Files\Tor
2013-08-29 11:37 - 2013-08-29 11:38 - 06237310 _____ D:\Virtual Desktop\DE_glasstrasse_spielregel_web.pdf
2013-08-28 12:39 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-24 23:20 - 2013-08-24 23:39 - 08586634 _____ D:\Virtual Desktop\Miracle Jokers.mp4
2013-08-14 19:44 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 19:44 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 19:44 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 19:44 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 19:44 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 19:44 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 19:44 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 19:44 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 19:44 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 19:44 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 19:44 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 19:44 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 19:44 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 19:44 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 19:44 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 19:44 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 18:08 - 2013-08-14 18:08 - 00004068 _____ C:\Users\Ralf\AppData\Local\recently-used.xbel
2013-08-14 17:18 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 17:18 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 17:18 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 17:18 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 17:18 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 17:18 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 17:13 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 17:12 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 17:12 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 17:03 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 17:03 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 17:03 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-13 12:32 - 2013-08-13 12:32 - 00000000 ____D C:\Users\Ralf\AppData\Local\webkit
2013-08-11 11:24 - 2013-08-14 18:08 - 00000000 ____D C:\Users\Ralf\AppData\Local\gtk-2.0
2013-08-11 11:24 - 2013-08-11 11:24 - 00000000 ____D C:\Users\Ralf\.thumbnails
2013-08-11 11:20 - 2013-08-14 18:36 - 00000000 ____D C:\Users\Ralf\.gimp-2.8
2013-08-11 11:20 - 2013-08-11 11:20 - 00000000 ____D C:\Users\Ralf\AppData\Local\gegl-0.2
2013-08-11 11:15 - 2013-08-11 11:18 - 00000000 ____D C:\Program Files\GIMP 2
2013-08-08 16:10 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\system32\avisynth.dll
2013-08-08 16:10 - 2009-04-11 00:27 - 00000038 ___SH C:\Windows\camcodec100.ini
2013-08-08 16:10 - 2009-04-11 00:27 - 00000028 ___SH C:\Windows\lagarith.ini
2013-08-08 16:10 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\system32\AVSredirect.dll
2013-08-08 16:10 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\system32\devil.dll
2013-08-08 16:10 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\yv12vfw.dll
2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-08-08 16:09 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\i420vfw.dll
2013-08-08 13:05 - 2013-08-08 13:28 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\HandBrake
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Program Files\Handbrake
2013-08-08 12:54 - 2013-08-08 12:56 - 00000000 ____D C:\ProgramData\DVD Shrink
2013-08-08 12:54 - 2013-08-08 12:54 - 00000000 ____D C:\Program Files\DVD Shrink DE
2013-08-08 12:33 - 2013-08-08 12:33 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Xilisoft
2013-08-07 18:02 - 2013-08-07 18:02 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\InterVideo
2013-08-07 13:51 - 2013-08-07 20:02 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2013-09-06 15:55 - 2013-09-06 15:55 - 00000000 ____D C:\FRST
2013-09-06 15:32 - 2006-11-02 14:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-06 15:32 - 2006-11-02 14:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-06 15:06 - 2013-03-17 23:58 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Desktop Sidebar
2013-09-06 14:58 - 2008-01-21 03:38 - 01289691 _____ C:\Windows\WindowsUpdate.log
2013-09-06 14:07 - 2013-09-06 14:07 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2013-09-06 14:06 - 2013-09-06 14:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-06 14:06 - 2013-09-06 14:06 - 00000000 ____D C:\Program Files\Kaspersky Lab
2013-09-06 13:41 - 2006-11-02 12:33 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 13:35 - 2013-03-19 14:40 - 00000000 ___RD D:\Virtual Desktop\Dropbox
2013-09-06 13:35 - 2013-03-18 23:21 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Dropbox
2013-09-05 18:22 - 2013-03-17 22:08 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\vlc
2013-09-05 17:36 - 2013-09-02 17:42 - 00023063 _____ D:\Virtual Desktop\Plan 09-10-13.odt
2013-09-05 15:17 - 2013-03-17 14:31 - 00014848 _____ C:\Users\Ralf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-05 13:30 - 2013-05-30 15:39 - 00066621 _____ C:\Users\Ralf\AppData\Roaming\Desktop Sidebardeletedmessages.txt
2013-09-04 14:16 - 2013-03-17 20:49 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 14:16 - 2013-03-17 20:49 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 13:31 - 2013-09-04 13:29 - 98786469 _____ D:\Virtual Desktop\Bruxelles.mp4
2013-09-04 13:19 - 2013-03-17 14:25 - 00001356 _____ C:\Users\Ralf\AppData\Local\d3d9caps.dat
2013-09-04 10:02 - 2013-03-17 14:27 - 00082048 _____ C:\Users\Ralf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-04 10:01 - 2006-11-02 14:44 - 00333400 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-03 15:24 - 2013-09-03 15:24 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\OpenOffice
2013-09-03 15:11 - 2013-09-03 15:10 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-09-03 15:03 - 2013-09-03 15:03 - 00019716 _____ D:\Virtual Desktop\Brief Villigst.odt
2013-09-02 19:19 - 2006-11-02 14:58 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-02 19:19 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 10:46 - 2013-09-01 10:46 - 00000000 ____D C:\Program Files\Tor
2013-08-29 11:38 - 2013-08-29 11:37 - 06237310 _____ D:\Virtual Desktop\DE_glasstrasse_spielregel_web.pdf
2013-08-28 17:25 - 2008-01-21 05:02 - 00107622 _____ C:\Windows\PFRO.log
2013-08-28 12:43 - 2013-05-29 17:21 - 00000000 ____D C:\Program Files\NCH Software
2013-08-28 12:43 - 2013-03-18 16:56 - 00000000 ____D C:\Program Files\CyberLink
2013-08-28 12:43 - 2013-03-17 14:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-26 11:38 - 2013-03-21 20:16 - 00005754 _____ C:\Windows\setupact.log
2013-08-24 23:39 - 2013-08-24 23:20 - 08586634 _____ D:\Virtual Desktop\Miracle Jokers.mp4
2013-08-17 19:36 - 2013-03-17 16:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 14:00 - 2013-03-17 16:08 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 12:02 - 2013-03-17 15:13 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-08-14 21:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-14 21:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 21:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-14 19:55 - 2013-08-05 13:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:53 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 18:36 - 2013-08-11 11:20 - 00000000 ____D C:\Users\Ralf\.gimp-2.8
2013-08-14 18:08 - 2013-08-14 18:08 - 00004068 _____ C:\Users\Ralf\AppData\Local\recently-used.xbel
2013-08-14 18:08 - 2013-08-11 11:24 - 00000000 ____D C:\Users\Ralf\AppData\Local\gtk-2.0
2013-08-13 12:47 - 2013-03-17 14:25 - 00000000 ____D C:\Users\Ralf
2013-08-13 12:32 - 2013-08-13 12:32 - 00000000 ____D C:\Users\Ralf\AppData\Local\webkit
2013-08-11 11:24 - 2013-08-11 11:24 - 00000000 ____D C:\Users\Ralf\.thumbnails
2013-08-11 11:20 - 2013-08-11 11:20 - 00000000 ____D C:\Users\Ralf\AppData\Local\gegl-0.2
2013-08-11 11:18 - 2013-08-11 11:15 - 00000000 ____D C:\Program Files\GIMP 2
2013-08-08 22:03 - 2013-07-16 15:38 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Roxio
2013-08-08 22:03 - 2013-03-18 17:04 - 00000000 ____D C:\ProgramData\SmartSound Software Inc
2013-08-08 16:13 - 2013-05-29 17:21 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\NCH Software
2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-08-08 13:28 - 2013-08-08 13:05 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\HandBrake
2013-08-08 13:28 - 2013-03-17 12:28 - 00000000 ____D D:\Virtual Desktop\Diverses
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2013-08-08 13:04 - 2013-08-08 13:04 - 00000000 ____D C:\Program Files\Handbrake
2013-08-08 12:56 - 2013-08-08 12:54 - 00000000 ____D C:\ProgramData\DVD Shrink
2013-08-08 12:54 - 2013-08-08 12:54 - 00000000 ____D C:\Program Files\DVD Shrink DE
2013-08-08 12:33 - 2013-08-08 12:33 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\Xilisoft
2013-08-07 20:02 - 2013-08-07 13:51 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-08-07 18:02 - 2013-08-07 18:02 - 00000000 ____D C:\Users\Ralf\AppData\Roaming\InterVideo

Files to move or delete:
====================
C:\Users\Ralf\AppData\Local\Temp\ffmpeg16.exe
C:\Users\Ralf\AppData\Local\Temp\icqsetup.exe
C:\Users\Ralf\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Ralf\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Ralf\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Ralf\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Ralf\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Ralf\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Ralf\AppData\Local\Temp\_is1FC0.exe
C:\Users\Ralf\AppData\Local\Temp\_is3755.exe
C:\Users\Ralf\AppData\Local\Temp\_isAD3F.exe
C:\Users\Ralf\AppData\Local\Temp\_isDD34.exe
C:\Users\Ralf\AppData\Local\Temp\{FEC7FAB7-A340-4CCC-9656-18113923E76E}\ISSetup.dll
C:\Users\Ralf\AppData\Local\Temp\{FEC7FAB7-A340-4CCC-9656-18113923E76E}\_Setup.dll
C:\Users\Ralf\AppData\Local\Temp\{D40F07CB-14B8-416B-B157-417496E2FEE0}\InstallFlashPlayer.exe
C:\Users\Ralf\AppData\Local\Temp\{759FC86C-361E-4E3F-B5A1-B1F752FE77DE}\ISSetup.dll
C:\Users\Ralf\AppData\Local\Temp\{759FC86C-361E-4E3F-B5A1-B1F752FE77DE}\_Setup.dll
C:\Users\Ralf\AppData\Local\Temp\{618E1C49-F4D3-4896-8C9C-F888EB896D7B}\ISSetup.dll
C:\Users\Ralf\AppData\Local\Temp\{618E1C49-F4D3-4896-8C9C-F888EB896D7B}\_Setup.dll
C:\Users\Ralf\AppData\Local\Temp\{5A86BBAB-F15B-48FC-AED9-4626F05BC5B6}\ISSetup.dll
C:\Users\Ralf\AppData\Local\Temp\{5A86BBAB-F15B-48FC-AED9-4626F05BC5B6}\_Setup.dll
C:\Users\Ralf\AppData\Local\Temp\VIES5BAD\SETUP.EXE
C:\Users\Ralf\AppData\Local\Temp\PDFC\uninstall.exe
C:\Users\Ralf\AppData\Local\Temp\nsw2750.tmp\DropboxNSISTools.dll
C:\Users\Ralf\AppData\Local\Temp\nsw2750.tmp\UAC.dll
C:\Users\Ralf\AppData\Local\Temp\nss806A.tmp\InstallOptions.dll
C:\Users\Ralf\AppData\Local\Temp\nss806A.tmp\System.dll
C:\Users\Ralf\AppData\Local\Temp\nslCC83.tmp\DropboxNSISTools.dll
C:\Users\Ralf\AppData\Local\Temp\nslCC83.tmp\UAC.dll
C:\Users\Ralf\AppData\Local\Temp\nsl7F1F.tmp\DropboxNSISTools.dll
C:\Users\Ralf\AppData\Local\Temp\nsl7F1F.tmp\UAC.dll
C:\Users\Ralf\AppData\Local\Temp\nsiCE69.tmp\FindProcDLL.dll
C:\Users\Ralf\AppData\Local\Temp\nsiCE69.tmp\newadvsplash.dll
C:\Users\Ralf\AppData\Local\Temp\nsiCE69.tmp\registry.dll
C:\Users\Ralf\AppData\Local\Temp\nsiCE69.tmp\System.dll
C:\Users\Ralf\AppData\Local\Temp\nsiCE69.tmp\UserInfo.dll
C:\Users\Ralf\AppData\Local\Temp\nsb3B7B.tmp\DropboxNSISTools.dll
C:\Users\Ralf\AppData\Local\Temp\nsb3B7B.tmp\UAC.dll
C:\Users\Ralf\AppData\Local\Temp\is-SOJAQ.tmp\dvssyshelper.dll
C:\Users\Ralf\AppData\Local\Temp\is-SOJAQ.tmp\InnoCallback.dll
C:\Users\Ralf\AppData\Local\Temp\is-SOJAQ.tmp\_isetup\_shfoldr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-06 13:40

==================== End Of Log ============================
--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-09-2013
Ran by Ralf at 2013-09-06 15:56:35
Running from C:\Download\Download
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Agere Systems HDA Modem
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
ATI Catalyst Install Manager (Version: 3.0.664.0)
Audacity 2.0.3 (Version: 2.0.3)
Avira Free Antivirus (Version: 13.0.0.4052)
BrettspielWelt (Version: 1.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.0521.920.14728)
Catalyst Control Center Graphics Full Existing (Version: 2008.0521.920.14728)
Catalyst Control Center Graphics Full New (Version: 2008.0521.920.14728)
Catalyst Control Center Graphics Light (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Chinese Standard (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Czech (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Danish (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Dutch (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Finnish (Version: 2008.0521.920.14728)
Catalyst Control Center Localization French (Version: 2008.0521.920.14728)
Catalyst Control Center Localization German (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Greek (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Hungarian (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Italian (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Japanese (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Korean (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Norwegian (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Polish (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Portuguese (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Russian (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Spanish (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Swedish (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Thai (Version: 2008.0521.920.14728)
Catalyst Control Center Localization Turkish (Version: 2008.0521.920.14728)
CCC Help Chinese Standard (Version: 2008.0521.0919.14728)
CCC Help Chinese Traditional (Version: 2008.0521.0919.14728)
CCC Help Czech (Version: 2008.0521.0919.14728)
CCC Help Danish (Version: 2008.0521.0919.14728)
CCC Help Dutch (Version: 2008.0521.0919.14728)
CCC Help English (Version: 2008.0521.0919.14728)
CCC Help Finnish (Version: 2008.0521.0919.14728)
CCC Help French (Version: 2008.0521.0919.14728)
CCC Help German (Version: 2008.0521.0919.14728)
CCC Help Greek (Version: 2008.0521.0919.14728)
CCC Help Hungarian (Version: 2008.0521.0919.14728)
CCC Help Italian (Version: 2008.0521.0919.14728)
CCC Help Japanese (Version: 2008.0521.0919.14728)
CCC Help Korean (Version: 2008.0521.0919.14728)
CCC Help Norwegian (Version: 2008.0521.0919.14728)
CCC Help Polish (Version: 2008.0521.0919.14728)
CCC Help Portuguese (Version: 2008.0521.0919.14728)
CCC Help Russian (Version: 2008.0521.0919.14728)
CCC Help Spanish (Version: 2008.0521.0919.14728)
CCC Help Swedish (Version: 2008.0521.0919.14728)
CCC Help Thai (Version: 2008.0521.0919.14728)
CCC Help Turkish (Version: 2008.0521.0919.14728)
ccc-core-static (Version: 2008.0521.920.14728)
ccc-utility (Version: 2008.0521.920.14728)
Celtx (2.9.7) (Version: 2.9.7 (de))
Debut Video Capture Software
Desktop Sidebar (Version: 1.05.116)
Dropbox (HKCU Version: 2.0.22)
DVD Shrink 3.2 deutsch (DeCSS-frei)
ESU for Microsoft Vista SP1 (Version: 1.00.3.1)
FreeMind (Version: 0.9.0)
GIMP 2.8.6 (Version: 2.8.6)
Google Earth (Version: 7.0.3.8542)
GPL Ghostscript (Version: 9.07)
HandBrake 0.9.9 (Version: 0.9.9)
HP 3D DriveGuard (Version: 3.10 A8)
HP Help and Support (Version: 2.0.9.0)
HP MULTIPLE MODEM INSTALLER for VISTA (Version: 1.0.0.30)
HP Quick Launch Buttons 6.40 E1 (Version: 6.40 E1)
HP Update (Version: 4.000.010.008)
HP Webcam (Version: 5.8.39004.0)
HP Webcam Application (Version: 1.0.020.0418)
HP Wireless Assistant (Version: 3.00 K1)
iPhoto Plus 4
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Kaspersky Security Scan (Version: 12.0.1.340)
LAME v3.99.3 (for Windows)
LightScribe System Software (Version: 1.18.26.7)
LightScribe Template Labeler (Version: 1.18.26.7)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OpenOffice 4.0.0 (Version: 4.00.9702)
PowerDirector
Prism Video File Converter
QuickTime (Version: 7.1)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Business v10 (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio MyDVD (Version: 10.1.048)
Samsung AllShare (Version: 2.1.0.12031_10)
SCR3xxx Smart Card Reader (Version: 8.28)
Skins (Version: 2008.0521.920.14728)
Skype™ 6.3 (Version: 6.3.105)
SmartSound Quicktracks Plugin (Version: 3.0.3.0)
SoundMAX (Version: 6.10.1.5820)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (Version: +Recorder.2013.55)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VLC media player 2.0.8 (Version: 2.0.8)
 

==================== Restore Points  =========================

28-08-2013 13:28:06 Windows Update
29-08-2013 13:38:33 Geplanter Prüfpunkt
31-08-2013 10:09:02 Geplanter Prüfpunkt
01-09-2013 12:05:26 Geplanter Prüfpunkt
03-09-2013 12:32:48 Windows Update
03-09-2013 13:06:31 OpenOffice 4.0.0 wird installiert
06-09-2013 12:04:16 Installed Kaspersky Security Scan.

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1294EE22-F4EA-48BA-BECD-5D91F3AB2AA1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {13844B04-0283-4BA0-8DCF-1A83F46B9AEB} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ralf => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1F9BD00D-54AB-4F01-99DC-70290C09CED2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {60460F69-EDDF-41DB-A8C4-992BBE6D1568} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {61E7C040-9980-4B24-8276-AAC9AE7E7221} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {A4115807-6F9C-491F-85A2-DDFAAE262BEB} - System32\Tasks\User_Feed_Synchronization-{334EF3D3-E3D5-4228-B191-A9AD4BB71E1F} => C:\Windows\system32\msfeedssync.exe [2013-03-17] (Microsoft Corporation)
Task: {A909DF4C-A0E8-420C-964B-016FB2EFEA06} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {E28E16D8-9A88-4D2C-9D1B-3815C6E966AE} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-21] (Microsoft Corporation)
Task: {F0550B91-C00A-468F-B923-604226E18C20} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {FED4A8A3-DAF5-48A3-BA2D-02B539443A78} - System32\Tasks\DSite => C:\Users\Ralf\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2013-04-05 00:12 - 2013-04-05 00:12 - 00130736 _____ (Dropbox, Inc.) C:\Users\Ralf\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-03-17 14:39 - 2008-03-27 20:15 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2013-03-17 14:39 - 2008-03-27 20:27 - 00151552 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2013-03-17 14:50 - 2007-09-27 17:07 - 00300336 _____ (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.DLL
2013-03-17 14:46 - 2008-04-11 16:39 - 00446464 _____ (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\SMWDMIF.dll
2006-07-09 22:54 - 2006-07-09 22:54 - 00544768 _____ (Idea2) C:\Program Files\Desktop Sidebar\dsutils.dll
2006-07-09 23:06 - 2006-07-09 23:06 - 01589248 _____ (Idea2) C:\Program Files\Desktop Sidebar\basicpanels.dll
2006-07-09 22:58 - 2006-07-09 22:58 - 00286720 _____ (Idea2) C:\Program Files\Desktop Sidebar\panelsutils.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Ralf\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Ralf\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Ralf\AppData\Roaming\Dropbox\bin\icudt.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00102400 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3063.14943__90ba9c70f846762e\MOM.Implementation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3063.14941__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3063.14693__90ba9c70f846762e\AEM.Server.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3063.14942__90ba9c70f846762e\CCC.Implementation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00073728 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3063.14694__90ba9c70f846762e\CLI.Component.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3063.14693__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3063.14967__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00253952 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3063.14702__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00053248 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3063.14694__90ba9c70f846762e\ATIDEMOS.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3063.14721__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3063.14889__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00036864 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3063.14847__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00077824 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3063.14922__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3063.14771__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00036864 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3063.14868__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3063.14854__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00032768 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3063.14882__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3063.14848__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3063.14896__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3063.14854__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3063.14949__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3063.14692__90ba9c70f846762e\APM.Server.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00491520 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3063.14728__90ba9c70f846762e\CLI.Component.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3063.14734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00483328 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3063.14951__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00090112 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3063.14902__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 01679360 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3063.14741__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2013-03-17 14:45 - 2013-03-17 14:45 - 00196608 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3063.14754__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00006656 _____ ( ) C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00401408 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3063.14914__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00307200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3063.14771__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 01511424 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3063.14709__90ba9c70f846762e\CLI.Component.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3063.14714__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00135168 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3063.14957__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00217088 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3063.14760__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00438272 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3063.14722__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00118784 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3063.14869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00479232 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3063.14849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00401408 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3063.14883__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00352256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3063.14897__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00585728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3063.14766__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2013-03-17 14:44 - 2013-03-17 14:44 - 00802816 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3063.14855__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2013-03-17 16:08 - 2013-08-17 14:00 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-07-12 16:55 - 2013-07-12 16:57 - 16166280 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
2013-08-07 13:51 - 2013-08-07 13:52 - 02244504 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2013-08-07 13:51 - 2013-08-07 13:52 - 00158104 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-07 13:51 - 2013-08-07 13:52 - 00022424 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-07 13:51 - 2013-08-07 13:52 - 00579480 _____ (sqlite.org) C:\Program Files\Mozilla Thunderbird\mozsqlite3.dll
2013-03-17 22:18 - 2009-04-11 00:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcLayers.DLL
2012-12-07 15:15 - 2012-12-07 15:15 - 00102840 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\ushata.dll
2012-12-07 15:14 - 2012-12-07 15:14 - 00012728 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpinit.dll
2013-05-28 12:30 - 2013-05-28 12:30 - 00430520 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpmain.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00160184 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prremote.dll
2012-12-07 15:14 - 2012-12-07 15:14 - 00123320 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\DumpWriter.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00262584 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00115128 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\nfio.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 00021432 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fsdrvplg.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\fssync.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00038328 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\winreg.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 00377272 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\service.dll
2012-12-07 15:14 - 2012-12-07 15:14 - 01053112 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\eka_meta.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00324024 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\esmgr.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00046520 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\pxstub.ppl
2013-05-28 12:30 - 2013-05-28 12:30 - 01135032 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\params.ppl
2013-05-28 12:30 - 2013-05-28 12:30 - 02765240 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\avpgui.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00213432 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\metainfo.dll
2013-05-28 12:30 - 2013-05-28 12:30 - 02478520 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\basegui.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 00041912 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\thpimpl.ppl
2012-12-07 15:15 - 2012-12-07 15:15 - 00074168 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\memmon.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00594360 _____ (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\localization_manager.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00025088 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll
2011-09-05 19:36 - 2011-09-05 19:36 - 00180224 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: D:\Virtual Desktop\glass forest.mp4:TOC.WMV

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/06/2013 01:34:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/06/2013 07:17:51 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/05/2013 08:06:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/05/2013 01:29:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2013 06:44:29 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/04/2013 01:17:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2013 10:02:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2013 03:27:07 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\RALF\APPDATA\ROAMING\OPENOFFICE\4\USER\BASIC\STANDARD> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (09/03/2013 03:27:07 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\RALF\APPDATA\ROAMING\OPENOFFICE\4\USER\BASIC\STANDARD> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (09/03/2013 01:18:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/06/2013 01:35:12 PM) (Source: Service Control Manager) (User: )
Description: Com4QLBEx%%1053

Error: (09/06/2013 01:35:12 PM) (Source: Service Control Manager) (User: )
Description: 30000Com4QLBEx

Error: (09/06/2013 01:35:12 PM) (Source: DCOM) (User: )
Description: 1053Com4QLBEx{DB536E5D-10F7-4B34-B443-140161048E2E}

Error: (09/06/2013 01:34:37 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst%%1053

Error: (09/06/2013 01:34:37 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player-Netzwerkfreigabedienst

Error: (09/05/2013 07:32:10 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}

Error: (09/05/2013 03:12:07 PM) (Source: Service Control Manager) (User: )
Description: Windows Internet Name Service1

Error: (09/04/2013 05:51:20 PM) (Source: Service Control Manager) (User: )
Description: 30000AntiVirSchedulerService

Error: (09/03/2013 10:55:21 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KNUTMICHAELLEIM",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C62296DE-F4BC-4B4D-BCA4-14-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/03/2013 09:24:08 AM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.2.108 für die Netzwerkkarte mit der Netzwerkadresse 002100DA2317 wurde durch den DHCP-Server 192.168.178.5 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).


Microsoft Office Sessions:
=========================
Error: (09/06/2013 01:34:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/06/2013 07:17:51 AM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/05/2013 08:06:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/05/2013 01:29:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2013 06:44:29 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/04/2013 01:17:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2013 10:02:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2013 03:27:07 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\RALF\APPDATA\ROAMING\OPENOFFICE\4\USER\BASIC\STANDARD

Error: (09/03/2013 03:27:07 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\RALF\APPDATA\ROAMING\OPENOFFICE\4\USER\BASIC\STANDARD

Error: (09/03/2013 01:18:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-04-15 20:54:33.724
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\verifier.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-17 21:14:25.132
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-17 21:14:25.069
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-17 21:14:25.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-17 21:14:24.944
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-17 21:14:24.851
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 1788.07 MB
Available physical RAM: 603.49 MB
Total Pagefile: 3826.7 MB
Available Pagefile: 1631.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1924.46 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:73.44 GB) (Free:28.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:65.6 GB) (Free:8.74 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:2.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 80D2F3EE)
Partition 1: (Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=66 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=1 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 07.09.2013 07:13
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Ralf 1973 07.09.2013 09:39
Vorweg schon mal vielen Dank!

Combofix habe ich jetzt zwei mal gestartet und er ist in beiden Fällen abgestürzt.

Nach dem Neustart bekam ich eine Fehlermeldung vom Windows Defender, dass er nicht gestartet werden konnte und ich ihn manuell starten sollte...

schrauber 07.09.2013 12:46
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Ralf 1973 07.09.2013 15:44
Auch AntiMalware stürzt ab und zwar bei der Entfernung einer Datei namens FileScout im Ordner AppData/Roaming...

Im dritten ANlauf hängt es sich nun bei einer Datei namens C:\Users\Ralf\AppData\Local\Temp\mt_ffx\mixidj auf.

Update:
AdwCleaner kann ich mir nicht herunterladen. Wenn ich es versuche kommt folgende Fehlermeldung:
C:\Users\Ralf\AppData\Local\Temp konnte nicht gespeichert werden, weil Sie die Inhalte dieses Ordners nicht ändern können.

Ändern Sie die Ordnereigenschaften und versuchen Sie es nochmals oder versuchen Sie, an einem anderen Ort zu speichern.

schrauber 07.09.2013 21:17
Speicherort ändern? Wenn nix geht bitte ein frisches FRST log.

Ralf 1973 08.09.2013 17:13
Vielen Dank für die Bemühungen, aber ich habe eine Neuinstallation durchgeführt, nachdem ich nicht mehr drucken und auch keine Office-Dateien mehr öffnen konnte.

schrauber 09.09.2013 06:16
ok :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:21 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27