Trojaner-Board
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 7, 100 PUP detected, Rechner extrem langsam (https://www.trojaner-board.de/141817-windows-7-100-pup-detected-rechner-extrem-langsam.html)

dinara 19.09.2013 12:35
Windows 7, 100 PUP detected, Rechner extrem langsam
 
Hallo,

mein Rechner ist in letzter Zeit extrem langsam geworden. Außerdem häufen sich seltsame Vorkommnisse:

- AntiVir macht bei Suchläufen keinerlei Funde. Allerdings ist es letzte Woche vorgekommen, dass plötzlich ein AntiVir-Fenster aufgegangen ist mit dem Hinweis, dass ein unerwünschtes Programm gefunden wurde. Dieses Fenster hat sich nach 3 Sekunden von selbst wieder geschlossen. Bei einem anschließenden Suchlauf hat AntiVir nichts gefunden.

- Plötzlich ohne jegliche Eingabe öffnen sich zwei Fenster von Windows Explorer.

- Neu geöffnete Tabs im Browser werden machmal einfach nicht geladen, obwohl eine Internetverbindung besteht. Oder es dauert mehrere Minuten bis eine Seite geladen wird.

- Wenn ich eine Datei herunterladen will, passiert manchmal einfach gar nichts.

- Heute war nach dem Neustart plötzlich AntiVir deaktiviert.


Ich habe Malwarebytes installiert und es wurden 100 PUP Dateien gefunden. Ich weiß nicht, ob ich diese einfach löschen kann, bzw. was ich darüber hinaus unternehmen sollte. Ich möchte den Rechner ungern neu formatieren.

Für Hilfe wäre ich total dankbar, da ich selber ratlos bin. Falls weitere Informationen erforderlich sind, weist mich bitte darauf hin.

Vielen Dank für alles im Voraus!


Hier das Log-File, das Malwarebytes erstellt hat:



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.19.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
ITSC-admin :: WIWI-PC [administrator]

19.09.2013 10:07:29
MBAM-log-2013-09-19 (12-27-47).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 435245
Time elapsed: 1 hour(s), 47 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 36
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> No action taken.
HKCR\CLSID\{2A28729E-2280-4986-BDB4-EC2623EAFBA4} (PUP.FaceThemes) -> No action taken.
HKCR\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> No action taken.
HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> No action taken.
HKCR\SelectionLinks.SelectionLinksBHO.1 (PUP.FaceThemes) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> No action taken.
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> No action taken.
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> No action taken.
HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> No action taken.
HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> No action taken.
HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> No action taken.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Data: 1 -> No action taken.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {77C8425B-E78B-11E1-937F-08EDB9DC3C20} -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {77C8425B-E78B-11E1-937F-08EDB9DC3C20} -> No action taken.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bad: (hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=2EBA8C705A6AC3D5) Good: (hxxp://www.google.com) -> No action taken.

Folders Detected: 6
C:\Users\ITSC-admin\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj (PUP.Optional.MixiDJToolBar.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj\mixidj (PUP.Optional.MixiDJToolBar.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.4.1 (PUP.Optional.MixiDJToolBar.A) -> No action taken.

Files Detected: 52
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\C0E30C88-BAB0-7891-9ED3-185BED3DCB14\Latest\MyBabylonTB.exe (PUP.Optional.MixiDJ.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\C0E30C88-BAB0-7891-9ED3-185BED3DCB14\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Local\Temp\is-JBD8L.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Windows\Installer\1ebdb4e.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Windows\Installer\1ebdb53.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Windows\Installer\1ebdb58.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\2787.ico (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\LinkuryInstaller.msi (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\LinkuryInstaller_p1v16.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\ITSC-admin\AppData\Roaming\OpenCandy\25D676D2897C4A72B6F8A231F84637AA\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> No action taken.

(end)

Aneri 19.09.2013 12:38
:hallo:

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


dinara 19.09.2013 12:50

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 13:45:40
Running from C:\Users\ITSC-admin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() c:\Windows\SysWOW64\srvany.exe
(O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mixi Dj Search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121136&babsrc=SP_ss&mntrId=2EBA8C705A6AC3D5
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2

FireFox:
========
FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default
FF user.js: detected! => C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\user.js
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\ITSC-admin\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.)
S2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG)
S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S0 PBADRV; system32\DRIVERS\PBADRV.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

==================== One Month Modified Files and Folders =======

2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 13:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job
2013-09-19 13:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 12:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 12:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 12:54 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox
2013-09-19 12:51 - 2012-05-30 21:22 - 01254175 _____ C:\Windows\WindowsUpdate.log
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:52 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-19 09:50 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox
2013-09-19 09:49 - 2010-11-21 05:47 - 00110526 _____ C:\Windows\PFRO.log
2013-09-19 09:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 09:49 - 2009-07-14 06:51 - 00092963 _____ C:\Windows\setupact.log
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 18:45 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic
2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job
2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN
2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey
2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

Some content of TEMP:
====================
C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe
C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll
C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 13:05

==================== End Of Log ============================
--- --- ---

dinara 19.09.2013 12:51
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013
Ran by ITSC-admin at 2013-09-19 13:47:11
Running from C:\Users\ITSC-admin\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

ABBYY FineReader 11 (x32 Version: 11.11.136)
AccelerometerP11 (x32 Version: 2.00.10.34)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.28.291)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
BioAPI Framework (Version: 1.0.2)
Bonjour (Version: 3.0.0.10)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.4822)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell Client System Update (x32 Version: 1.3.0)
Dell Data Protection | Access (x32 Version: 2.1.00001.002)
Dell Edoc Viewer (Version: 1.0.0)
Dell Feature Enhancement Pack (Version: 2.2.1)
Dell Touchpad (Version: 7.1211.101.118)
Dell Webcam Central (x32 Version: 1.40.54)
DirectX 9 Runtime (x32 Version: 1.00.0000)
Dropbox (HKCU Version: 2.0.22)
eToken PKI Client 5.1 (Version: 5.1.32.0)
Gemalto (Version: 01.64.01.0010)
Google Chrome (HKCU Version: 29.0.1547.66)
GRASS 6.4 (x32 Version: 6.4.3-1)
Human Development Trends 2005 (x32 Version: 1.0.0)
Intel PROSet Wireless
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Identity Protection Technology 1.2.27.0 (x32 Version: 1.2.27.0)
Intel(R) Management Engine Components (x32 Version: 7.1.50.1172)
Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® PROSet/Wireless WiFi-Software (Version: 15.03.1000.1637)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaMonkey 4.0 (x32 Version: 4.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Lync 2010 (Version: 4.0.7577.4398)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MiKTeX 2.9 (x32 Version: 2.9)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NTRU TCG Software Stack (Version: 2.1.37)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.23)
Ox Console 6.21 (x32 Version: 6.21)
OxEdit 6.20 (x32 Version: 6.20)
PC-CCID (Version: 2.0.0)
PDF Architect (x32 Version: 1.0.52.8917)
PDFCreator (x32 Version: 1.7.1)
PhotoShowExpress (x32 Version: 2.0.063)
Rapport (x32 Version: 3.5.1302.61)
RBVirtualFolder64Inst (Version: 1.00.0000)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Roxio Activation Module (x32 Version: 1.0)
Roxio BackOnTrack (x32 Version: 1.3.3)
Roxio Burn (x32 Version: 1.8)
Roxio Creator Starter (x32 Version: 1.0.439)
Roxio Creator Starter (x32 Version: 12.1.77.0)
Roxio Creator Starter (x32 Version: 5.0.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samsung SCX-3200 Series (x32)
Scan Assistant (x32 Version: 1.01.014)
ShellfireVPN 2.1 (x32 Version: 2.1)
Skype™ 6.6 (x32 Version: 6.6.106)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6901)
Stata 12 (x32 Version: 12.0)
SweetIM for Messenger 3.6 (x32 Version: 3.6.0008)
SweetPacks Toolbar for Internet Explorer 4.5 (x32 Version: 4.5.0000)
swMSM (x32 Version: 12.0.0.1)
TaskUnifier version 4.0.4 (Version: 4.0.4)
Trusteer Endpunkt-Sicherheit (x32 Version: 3.5.1302.61)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update Manager for SweetPacks 1.0 (x32 Version: 1.0.0005)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
Wartung Samsung ML-191x 252x Series (x32)
Wave Infrastructure Installer (Version: 07.67.17.0010)
Wave Support Software Installer (Version: 05.13.00.033)
WIDCOMM Bluetooth Software (Version: 6.3.0.7900)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinEdt 7 (x32 Version: 7.0)
WinRAR Archivierer (x32)

==================== Restore Points  =========================

10-09-2013 08:06:04 Windows Update
12-09-2013 08:54:20 Installed Rapport
13-09-2013 08:20:51 Windows Update
13-09-2013 15:32:55 Windows Update
17-09-2013 12:02:58 Windows Update
19-09-2013 07:38:51 Installed Rapport

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {005AEE6E-8A5D-4D4B-82D5-75ECA4B4C382} - System32\Tasks\{A9B1B92F-536A-47C2-B16D-07C974B659F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {015024AA-5F79-45BB-87A0-5DCED61BA1C2} - System32\Tasks\{5A3390A4-6B64-4554-BFD5-62A570314F8E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {01749C34-2967-4441-AFE7-8C24EB1F1447} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {026CE3C5-19C9-4CE9-A8BC-8CA5F2C5A580} - System32\Tasks\{4FAA841A-8786-484D-8ADD-41980B3316E5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {02880B2E-B0BC-4D0A-8B8F-19F4A9B02C12} - System32\Tasks\{04668423-F7D2-4CE2-8A08-BB069FEFE6E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0338FB40-2C37-45A9-A779-FD6C85117524} - System32\Tasks\{59845EB4-D2B8-41ED-B42A-192E6682A44F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {036909AE-4BB4-4E37-9DA2-11C52B1CA688} - System32\Tasks\{2A2BE8B9-6AE1-4250-A998-6B7F2AE1056A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {050100B7-3F7D-4190-AE3F-B9A248379AAF} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.)
Task: {05F22277-8526-42F4-B3E5-F48835B53E1A} - System32\Tasks\{AC5721CF-45C9-4BF0-AECC-74ECC3DECA60} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {07328E6E-889A-4039-A146-E03A76A7F3F0} - System32\Tasks\{BED820AB-17F9-42EB-8D6B-148F10ADE241} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {07333285-9A95-4FFD-81CC-AA92BEDED981} - System32\Tasks\{130B7FD3-44CA-409E-89B9-74466BD20A49} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {08C11042-5D12-40A6-A3D0-1F867A714729} - System32\Tasks\{07AB4CF4-83B5-4036-B86E-F2D69A410294} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0A16B476-E459-44F1-AA20-FE5DBDFAEF58} - System32\Tasks\{DC4B4A1D-2607-4868-A23E-E0205868C114} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0A9178E6-2EB0-46E7-AD17-E38C17377A21} - System32\Tasks\{CE3D0930-06F1-478B-8AF6-7A6FC507871F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0EAD0346-EF22-4764-BCF9-FFDE35EDD3BE} - System32\Tasks\{5FC23388-EBD3-412E-9C88-858632E33F78} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0EC7ED5C-9AF6-4D82-A060-BF07C49F1F83} - System32\Tasks\{51858137-9D67-4446-B2B5-F36E4E70A6CC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0F17AD2B-EBBD-4401-8FE0-9C3BB81DAD9A} - System32\Tasks\{8629EA02-47CB-45A3-A63F-8856257ED941} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {104DE0BA-26C6-4707-A3E9-B6D3F7F53B09} - System32\Tasks\{B6FE76C1-0440-4D62-BF02-929A59510982} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {12CE0F1D-74AB-48B7-A856-E661AC1B79A1} - System32\Tasks\{969892A7-FE27-4BDF-92F0-05DD4B18BD77} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {14247D80-530F-415A-8935-9673A16F5B75} - System32\Tasks\{8C49591C-F444-4657-A576-DB412C3C1E35} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {142E031F-6FD4-43CC-B6E3-709CA4163817} - System32\Tasks\{636D1CBB-7D14-401E-94D4-4B3402BE6E8C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1450EABC-A8F0-4265-BE4C-6E8EB4F03C03} - System32\Tasks\{FF0F86B3-FDF7-4038-A9AD-690EF31787A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {14D36551-8F0C-4A76-A287-2F264D6FAE97} - System32\Tasks\{306045F4-15A2-4193-9D85-5A7679E757BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1581AFDE-EBE9-40D0-A5A8-6C5CB140B603} - System32\Tasks\{A6123024-A414-4C4C-A63D-5C32337C92BB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {15C7E177-ECF4-486A-A1C5-FF6AD144E668} - System32\Tasks\{B32C9A79-B7C7-4A78-B1D3-ABD9CDBE2EEB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {15F14C5E-5140-4BBC-9BEA-837A3DD2E3EC} - System32\Tasks\{2881B208-FEBA-4E61-9186-05A76A2F9CD6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1649E61C-468E-42F7-AE0C-5F099949B34E} - System32\Tasks\{160DF44E-0678-49C9-A96A-EC7751A514A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {174D5D75-0B9D-479A-91DC-8CEFB679ED21} - System32\Tasks\{75CB99F5-0F0F-44E5-8FE1-309FBA89C9FA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {19808533-91A8-448C-A0AA-8B5E09316541} - System32\Tasks\{AF8525BF-3F7D-43F6-AC27-16ED853BFBCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {19C053CC-BE4F-4CE9-AE1A-D8767E575E70} - System32\Tasks\{385CA26C-643D-4954-810D-CE2588FC7335} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1CDF13D5-23AC-4553-A374-D1E587B511C8} - System32\Tasks\{1B683846-2581-4665-ABFA-F45E481C8AA4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1DDB2C02-C375-46D8-A647-6E15B179B4B4} - System32\Tasks\{E5C86269-469D-4545-A557-9927D97ED0D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1DF11739-519A-4062-8392-6181DF55BA83} - System32\Tasks\{2C498A89-DF0F-4668-87BA-F9469CB3019E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1ED76DA7-344E-414D-ACDF-B159F999CEB9} - System32\Tasks\{595B6E39-324D-4556-83D8-073E26CBC106} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1F7AF889-2119-4C09-9CD8-D02624F3F3E7} - System32\Tasks\{40A6113E-7EFE-4C2B-B643-08D231EB87DA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {24997C00-F292-43B3-B7BA-537BCCCA1DF2} - System32\Tasks\{6E3AF90D-2966-4965-A687-9F393245C9D2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {255CA25A-FEC7-4908-A1D4-EA53E401B943} - System32\Tasks\{FC1D94A1-B5A2-4A26-B684-66C765774C63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {26591D23-7A84-40A9-B265-99C5FB1A411F} - System32\Tasks\{750E2BF3-90E5-4666-8941-9F7146444501} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {285E2479-DE2C-439F-B962-BF10ECCFF5A8} - System32\Tasks\{E16205EE-27CB-44B6-9D89-A4A19822E75C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {28D3813D-86A7-4E7C-ABE9-2BC9D790BABE} - System32\Tasks\{C87042F2-1C0A-4BCD-8FFD-A5E78A8CDC0A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2A979C4B-7403-49B7-A691-A1DE31FCD054} - System32\Tasks\{899BD592-D6BC-4519-B87B-6A624CC63B23} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B15A253-E0CA-48FD-BD9E-8880263D54DD} - System32\Tasks\{400099BF-4E75-4394-A771-9A8B0BCDCB2F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2BDD521C-35A4-4D9D-A77F-55D0F34F33F0} - System32\Tasks\{6C8FF71E-975B-486A-AB02-457D23CEEB71} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2DA9D7B0-2A1B-4569-BFD5-570ACE312EF2} - System32\Tasks\{340F1A04-5241-4239-A763-0C82CF80407B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2DEDF225-80BC-4C6A-85C8-C1163BCDE44D} - System32\Tasks\{DD8F23DA-FF10-4395-AEB5-E5DE5BCB42D5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2E2E3F8A-DF75-42E4-891D-890E2887C992} - System32\Tasks\{86077E23-7535-4C44-B32B-B6A1807B1948} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2E5FC8B1-4971-4A86-BE10-511318CE2849} - System32\Tasks\{98601FB3-F761-4A71-B6B5-26C22FA4E4AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2EA627AA-5355-4361-9D1F-AD6ED7E66E2A} - System32\Tasks\{68AAE252-5216-4FA0-853A-692D7B3AB3A3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2ECE967F-F36B-4F46-A021-100026DA1FF6} - System32\Tasks\{C5BBF483-0963-473C-B343-C0C0EB2F3B5D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2F1157F0-D94B-4EF6-9478-BEF0C5F74EA2} - System32\Tasks\{960940FF-3BBA-4425-A7B6-B4DBA6C6A21F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3180C604-4518-422D-8A64-686CE687472A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {31A0C473-5AE7-4DF2-9CFD-97DEBFB30DEF} - System32\Tasks\{F49E45A4-6F9B-4519-B867-5980DA159470} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {32E48F2D-BCB3-403A-85A6-390E72AB21EF} - System32\Tasks\{018F199F-0D75-4051-99D1-379F6AD70FB1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3433873B-FF36-4B7D-A187-631FB49F89E8} - System32\Tasks\{5F266E29-9452-4D7A-925F-5E7089ABF9F5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {34FDA1A7-14D7-4EAF-9456-CFE91F05A9AF} - System32\Tasks\{68FA33F2-4A97-4A87-99AF-F8C4FCB1792D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {35B1CB99-4547-4D7C-BC8E-2AA6C08E4A6C} - System32\Tasks\{DD08DF7A-5746-4841-BA69-BA703F8D3EBB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {38BE195E-EA8C-42B3-B34B-53899ECBCA52} - System32\Tasks\{E319BCC3-2A8B-4EAC-9B63-59EBE6DF96C0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {39AD604F-F6F1-46B4-95C2-96755C64CB67} - System32\Tasks\{CB46DB64-A186-4B56-A432-93D8AFF47006} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {39C0DE5A-EFA2-4A9F-8E18-E53657B52A9E} - System32\Tasks\{88525340-408B-45B4-8CB4-14A1FF4719E0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {39DA44AB-6F42-4D15-BA8D-3C53E8022E97} - System32\Tasks\{B3CFCF36-DA84-434E-8541-1FC2A7D64A3A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3D88EDB9-18C8-4136-B11C-D0B0875E5B93} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {3DFE87AA-A152-4559-A15C-F71E6A1AA82E} - System32\Tasks\{8A323240-AD00-404D-936D-3035AB8E24F2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3E682A7E-0A5E-41E1-9AA3-1537F0C28BF1} - System32\Tasks\{160ADD81-3E8F-497E-8C9D-25861C15950B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3EF1D85E-8A92-4236-9756-230616C1B837} - System32\Tasks\{53B867E7-25AD-4FC9-87E1-9F951D2949C4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3F66AFBD-5309-4751-9F02-6551057C0C03} - System32\Tasks\{2A06FB2C-6600-48D9-9025-85DE68343757} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3FAFB89C-8147-4BED-918F-1DBEB4ADF101} - System32\Tasks\{8583B3DA-3BFD-4F84-9A50-8E12F7191A06} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {410F6AB4-D350-48EF-9004-267156AD82A7} - System32\Tasks\{FED28F1E-3329-47D2-8023-22D826E74FE9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4246DEB2-3151-40AB-BC36-1279773E4D86} - System32\Tasks\{A6B3346B-4773-4770-8DFA-3047BC56C676} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4466D6B7-5626-48F8-B9ED-B2416EDF6D51} - System32\Tasks\{F2C52E56-78A8-450E-9B2E-DBEAE418BFF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {46E29A8B-E47B-4DE7-B704-F31AC1DE22F9} - System32\Tasks\{9D8CC5E9-9761-4260-8154-7B7EF8F52972} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {488E3E08-CFD3-4C0B-976A-B87343E7E28C} - System32\Tasks\{482F0AE5-3E41-4E45-B40C-7CF51C19ABA9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {49024499-9A05-42B6-BC59-E161DA234D3A} - System32\Tasks\{65973C50-7CC8-45FC-851B-A5015E1C2F30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4A574060-6768-4AE7-8C86-7B3AF83054E0} - System32\Tasks\{E61CBCCF-AFB7-490B-BA80-654D00725509} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4AE5472D-1EDA-4610-AAFC-AB919801377D} - System32\Tasks\{ADC2F124-2718-4612-8062-296BB1A92463} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4B1EB119-5E5D-49DB-8077-258FC59C87CF} - System32\Tasks\{F9DB6019-FF0A-471D-9F58-24565B658C0E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4B2327FB-76D2-4D8B-9806-9FA08795F22B} - System32\Tasks\{C2D640E3-E1FE-41C4-9193-A18FB94AD3AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4B61E774-EBAB-4279-9D09-A5DDE9C31FC8} - System32\Tasks\{82132396-65B1-4AF9-BDE4-CCF76F761A9D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4BE708E8-8A09-4EF9-9043-C7AB0B9DAE6F} - System32\Tasks\{CA46650B-8ADB-4679-B016-88269A259457} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4BFCA185-DC5C-4E51-BFBE-9B089C6D6CC5} - System32\Tasks\{7E617687-48F7-4153-A6BE-26B99FF09404} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4C3E73D2-2692-482B-938B-EDF6BDBD2339} - System32\Tasks\{4C669355-9FD7-40FC-A3C4-4D23127E6B1F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4E239469-AC4E-4A57-BD93-E43920388ACB} - System32\Tasks\{F6B5BA36-8C82-4885-B55E-2B18831B2504} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4EC6E202-398D-4780-9758-15DB775542E6} - System32\Tasks\{3251BD37-9536-46B2-BC53-4702DE0051C2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4ECEBAB1-30EF-4085-9ADA-A8FD1B697E8C} - System32\Tasks\{09A8E8FD-41B9-41D6-95DF-81A165E1707A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4F38201C-4F99-40FF-810A-BBA116757B7F} - System32\Tasks\{CE80B570-FE86-4F30-A65B-CB8F31EFE602} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {50277A97-F551-4BBA-B819-67BD05A920F7} - System32\Tasks\{FB58DE85-4A6D-415C-9731-88B2279C8BEA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51077676-1C64-46A3-A347-26962D74D002} - System32\Tasks\{95ED1C64-4E07-4C76-A94C-283D1482BD86} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51347246-B4B4-42B9-AC0D-2D4AB1DA1D51} - System32\Tasks\{1F6D645B-5801-4944-9C97-778AA22AD751} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51802504-9297-4B32-B9F8-753F66A13F60} - System32\Tasks\{5DEE8D04-1577-4054-8039-71E8706E3DA3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51D8F1AA-6D5E-4C0E-892A-69E54EB3D9C8} - System32\Tasks\{4F7456A9-077E-4E41-8DED-67E5DA0C09B9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {52A8D0DB-E62A-43C9-A3BB-9CB4FEB04B9E} - System32\Tasks\{B3D4141D-0BA7-4FA3-9BA5-DEFE2645C001} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {52C293A1-4D94-4CB4-B9D1-CA61BD06B8A8} - System32\Tasks\{42EF0C39-8A12-467A-9710-9FA6D8CE519F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {52ECB521-ACD9-4784-8B58-F87A84A5730B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {52F2847E-B647-433B-BFAF-43AD34BAF363} - System32\Tasks\{433CDF00-E291-4F1B-81FD-B47135ECB007} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {537DC987-E21C-4EA4-8E3C-5B4A52353561} - System32\Tasks\{5C72E3AF-1CC8-45EA-815B-88DD0E844A85} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {54B6CAAE-25A4-4499-82EC-3EBD7F60C886} - System32\Tasks\{7C3743F2-E6A1-41BE-9676-2269AF485FAD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5513A956-22EA-422E-9D58-934A477D42D3} - System32\Tasks\{2724022A-DF67-475D-9BEB-54A2F4464FB3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {560152F2-3BAC-4103-BC8F-D240E6711CC8} - System32\Tasks\{B0B51E99-914A-4CE0-AB8C-595E3C5ABEF6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {57C3C185-86F2-4AD3-B44E-FE6CC7A4D94A} - System32\Tasks\{F04028CD-AA51-4FB7-934C-6C799254EBAB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {598BA1E3-60CF-4EE6-9F87-91BE85C1208A} - System32\Tasks\{FBF7EC59-E592-42FE-BF9C-83AA1BD2FA19} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5A89A6BA-F7B6-478B-BD78-51F224A3B2AC} - System32\Tasks\{659F16D2-2E88-406B-B132-B0871C942A63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5A9C2DC0-31AD-4397-8F31-2D1DC6F25D8E} - System32\Tasks\{9D381B60-D257-4857-A154-28011490E921} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5AD27905-64F8-4490-8317-BE49F0ACF3D7} - System32\Tasks\{A33A22B1-499C-4138-9D9A-090450305A36} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5D70A1F6-D371-46F3-AAB4-2C91E654A1FD} - System32\Tasks\{68FF90AF-7F07-4D29-BE7F-77F8D12C9690} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5DB346A8-5564-4478-B48E-E1027D510348} - System32\Tasks\{88D638F8-7C24-4DE3-AAC4-F1A7E9E71010} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5DBE6198-4E95-49D1-B2CC-4A3FED3DE1EB} - System32\Tasks\{9A14039A-B7C0-4F10-AD0E-819CDF99C819} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5E33ABF9-EDD6-48A2-9738-58F810BA90CD} - System32\Tasks\{830A0F7E-BB8A-4B57-862C-B0B709010F98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5E46FE0C-22C7-4A65-A045-F40FC0DEA3B1} - System32\Tasks\{4F0B7B14-2098-4C2C-93D5-CC3E6814827C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5E83CC31-34F5-4A49-865D-59D5EF34478F} - System32\Tasks\{EF5A49C9-18E7-4A03-A58B-629DBA45FEF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5E8D4547-6935-4204-9CA0-AF3B4F65C801} - System32\Tasks\{BE4C352F-7FB9-4599-9FC5-740B7DFF11E7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5EB0F57E-7992-4BE8-BC92-9B9085026EAD} - System32\Tasks\{9FC71753-B8BE-4560-8EA0-AE5DEE40B523} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {61D8DBDC-AB86-46A4-980F-659E23E45C67} - System32\Tasks\{48042DF7-EFE2-463A-AFAD-BEED957A9725} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {623A1261-7EDC-47D5-820C-F7B9FB152C37} - System32\Tasks\{B353F365-7725-4766-8C56-208B9EF08C21} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {625B35C0-9AFC-4306-A6F0-C1B1985E6942} - System32\Tasks\{7A8CE0FE-F3CC-4C9E-94F7-13373EAD6C9E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {62FA6A74-1924-4856-A1B1-A833228B8345} - System32\Tasks\{8A400993-3C27-4F2E-8C7A-5C9958526F39} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {632320BC-B1B0-4FE8-917E-F644FEDA6F82} - System32\Tasks\{DCD970D1-9071-4D68-A0E5-B29177A19FF1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {648FD0B9-3CCE-4F86-9069-1A8E04DEC0EB} - System32\Tasks\{71AA1D48-B04B-42AA-8CB4-61CBDEFB45F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {652957D1-6163-4373-BF97-B26F6F8CBF2E} - System32\Tasks\{B772B577-2D90-4098-8E7F-765875F2EF69} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {665E69EA-AE8F-462F-9555-DD48F6630F16} - System32\Tasks\{81DB4995-551C-4C12-A7B5-30D0842E5059} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6689F38E-1659-44D2-B35A-49D0CFD4D595} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {66AB035B-5EAC-48DF-BC4E-8949CF895991} - System32\Tasks\{1AB931A8-9512-448B-BF80-D1E18150D36D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {67255118-CC6B-40E0-A0AC-F669E214BA54} - System32\Tasks\{BDBEE770-4B87-458B-81B6-397537661832} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {68339A20-2EB9-47FF-98D4-3647D351A528} - System32\Tasks\{92C1F839-7A80-4E55-8DF1-D7D4C517765E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {68864B8C-A565-45C4-B8E0-66964FC4D62C} - System32\Tasks\{8E37B6A1-2037-4A2A-B505-9617F435AF07} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {691F3B74-203C-4727-8409-B9604E330BA8} - System32\Tasks\{A1721311-3DA6-4CB7-9A47-A620F27D9A04} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6C0AD24D-3E85-4039-AB90-FACDB9DCA7C7} - System32\Tasks\{2C20C044-D308-40E4-8514-54899DEAF3C6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6C24EF41-0D07-4167-9BEF-B30882E43410} - System32\Tasks\{3F470816-43F0-4686-BD8B-227B3A987FDB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6CEAE79E-5B94-4EC1-8EB2-69589F064EA4} - System32\Tasks\{DA8840F7-FE77-4779-8706-909FC0119A4F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6D07EE2D-087E-4FBA-B932-FE0D27E2BFEF} - System32\Tasks\{A3CE8D02-8CD7-4CCC-A790-0CF88AD13882} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6D10A716-C020-4123-A066-3A7A83DC53D5} - System32\Tasks\{B908917A-9AB9-4EA4-9BA7-2343E1FBC96A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6EDC5F85-1065-481F-8367-F3857E45010A} - System32\Tasks\{387FBA8E-7B53-48DF-9893-201780567735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73049B84-3289-4358-A3CE-34E878A6668C} - System32\Tasks\{C35D5A6B-B898-4D7D-BA85-558FB783286F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73A4BA52-DB9D-499B-94F4-C3BA3891F77D} - System32\Tasks\{A8FFBB78-68E2-4969-B3AD-1C7B9CE9C474} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73E73B97-B735-49D6-A8DD-5CE951F6AC51} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {74B45FF8-D4A2-4E98-9234-7EB8CB2A0E78} - System32\Tasks\{3BFD9D5A-BD6A-470B-9A1C-9AC7877E1595} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7542F68E-4488-4FF9-BEB1-148FA743E873} - System32\Tasks\{0F9BB44A-46AE-42EB-B3EF-5BF246E0CE0C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {75594D5E-20BF-4F82-9449-5686E7F4D12F} - System32\Tasks\{CDAF0B00-D68B-4728-B082-CF645E4F22E3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7582DD5B-C46D-45D1-AE2F-6B68E940AD7A} - System32\Tasks\{DE8799E5-07A4-4F3D-8421-47939F05211D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {75F48A3D-B453-4171-9EBD-C268A3298C2D} - System32\Tasks\{0B89FE38-6B3B-41C5-8F6A-5E87B701400D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {77A9F08E-12D2-4805-9557-5170D8191988} - System32\Tasks\{27304355-128F-4492-93BE-2C061FC538F8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CFF5777-3F48-40FD-961C-F1CE96B78F63} - System32\Tasks\{D4AAB3D1-76BF-469B-B60D-9D952EEBE406} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7D774F5A-73C9-4DF4-BDC0-71DE00C795BB} - System32\Tasks\{BD4C83A1-67C7-45C9-B71F-5734E714769F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7E65F640-6940-42F5-BE6E-6C8CB2096367} - System32\Tasks\{86369DA6-59D1-45BA-BC9E-31CA00BAFB30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {80905757-6391-4420-A97B-C1D77CF563A4} - System32\Tasks\{373C42D2-8CF5-4C26-8F52-08B1EC695BB6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {81214259-7E01-4F87-9741-BC9D5A26F850} - System32\Tasks\{C27957E7-6A4C-4A64-BB83-AB50B3E5234D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {833FB715-08CE-466C-AA14-E9CFA43202CF} - System32\Tasks\{0BBD2CAE-D7D7-4AF8-ACE6-06244A9B7466} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {83996F49-CAFB-446A-81D0-A719E9CDFB27} - System32\Tasks\{860FA283-6E52-4979-83EB-BFF40DF2F736} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {88647F42-DE44-4E3B-B271-2D57B3F8FDED} - System32\Tasks\{036B820F-5DD9-4309-BBA5-37420D567FDA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8C09E6DE-C538-48EF-A537-5E426C142F68} - System32\Tasks\{4E4494D3-0AD9-46BF-B350-1FFA88B2CFC4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8C4EBB8B-9292-4A54-BD96-649055FE26DC} - System32\Tasks\{3724D6F9-1BF2-441E-B07B-E1B2F31855C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8D330FC4-590E-4F02-B116-322E62D68F0B} - System32\Tasks\{D414385A-AA03-40BA-B286-6F717B6F2B3D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8DA1F638-F122-4C60-82A6-E509152A907A} - System32\Tasks\{60EC127C-1048-4AF8-859A-B04A31BE31A4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8E95D5AF-93D8-4504-8A87-6B44A081E11F} - System32\Tasks\{E6784431-56CB-4A59-853B-D74260CBE4A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8EF807EC-33D6-444B-BB5D-1C43B8AC364D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {8FBB5717-8BC0-456C-995D-758742BB268A} - System32\Tasks\{7D88ABB3-28C5-4FA8-B800-706FB5FEEC05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9155014A-F129-4A21-A576-81D4FFDF7090} - System32\Tasks\{8B60C5EE-D4D9-428C-A7FB-C62D3C6D42FE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92CB4233-D316-47DB-BE75-6CD9A328C1C0} - System32\Tasks\{170CC0B9-728B-4EEF-BA28-B2BB561E2B16} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92E504EB-4942-4B90-A94A-9D043A6BAF97} - System32\Tasks\{C61A91D5-21D7-452A-A774-F5FE53FA709A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {93283040-981A-4F1E-8EE5-6D8E5B32C980} - System32\Tasks\{716E24A5-3E93-4FD6-A9C7-4157B66643F0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {93902224-2493-4B72-B8CB-C1ED80035A41} - System32\Tasks\{A044B7E4-86CA-45EB-B3BD-33EF9D9A9856} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {940AAB5F-55CF-4B4D-AD3A-B62641B64C03} - System32\Tasks\{E79107E8-B35D-4456-B6F8-43EEE2F598FC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {94AB4083-1649-4F47-8B41-E5C4CD3D3595} - System32\Tasks\{4A71A548-C7BD-4DB2-AA72-9F026AD5051E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {94E410F2-999C-40CB-9F14-F735933EB426} - System32\Tasks\{DAD75026-C36A-4F55-8DEB-7D7F40F2EDE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {963E8D51-6778-4563-A370-2B5F466FDD7F} - System32\Tasks\{E4DDE6FE-3382-4379-93CC-E8605EC73911} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9673A99F-DDB9-4C1E-8970-AA4295449BCD} - System32\Tasks\{B248CFE7-3DD6-441A-8004-109987CE0C60} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {96BE3EFA-0F61-4303-83C1-D30F0B3C8D75} - System32\Tasks\{66363335-2396-4866-86D6-2B54E1086BCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {96DF2E4B-C692-42FD-9D2A-0530235E9906} - System32\Tasks\{89346FB4-642C-4C24-A945-C5B27A093232} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {996831F9-066D-4A18-AF6C-82E5AB23E6D8} - System32\Tasks\{ACC5D0BE-92F3-417E-B99A-ED81364B749C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9A042B7D-240D-4AA8-A43B-7D0F85831178} - System32\Tasks\{8D9CDF45-AE59-4D43-A16A-2123E32DA5C1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9AFF3EE6-D750-49A2-AB44-BD3D50BF12C9} - System32\Tasks\{7E065FFB-5CAB-4DDE-BE45-EE751D166F63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9BA7F418-E01D-4BAB-A843-7D26A9864F59} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9BFB20DD-CB10-4258-8C25-13F0478859D7} - System32\Tasks\{8CE63A35-4DAC-467A-917A-2CB1C60F25DC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9C520939-536F-4538-A19A-98EEFC451AD1} - System32\Tasks\{D8E10693-4DF4-4E0B-948F-CAEB4776D8F4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9DEE02E8-7903-4495-BB73-9BC7494BBD83} - System32\Tasks\{8E5EFDF1-2BAA-48B1-A237-E4A8FD1A72E3} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9E690A2E-C324-472E-9402-1FC3E2BA5D93} - System32\Tasks\{38C9450D-E575-478A-BCB8-D4BCDF3A6182} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9FD8CA23-AB15-4B5C-8FA7-2A96DC96A67E} - System32\Tasks\{84742227-F545-47C5-94DD-232CC281189B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A0254AFD-2675-4A52-81BD-E1736B92B7C7} - System32\Tasks\{C4127AE5-D4D2-43E2-A844-2ACDD88B3223} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A05D42FA-717C-4990-83ED-995642FA5942} - System32\Tasks\{F2544D39-A91C-4FA2-B737-D8F089283A0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A05E8F47-ED40-4251-B044-3F4C866EF5D3} - System32\Tasks\{199EB11F-50FE-4B2A-A515-DAF3C5D169BC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A0926389-031C-46BD-AAA1-74B425342289} - System32\Tasks\{1397C2F4-780E-49BE-8966-DF520CA566DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A0E0E5F0-DE88-49E9-8261-6558DC1B5DB2} - System32\Tasks\{17785D9B-0DF1-42CA-9D16-C587C0264C29} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A1E80A58-8821-4AEC-B488-2AA63E49D951} - System32\Tasks\{1EF7B0C3-30A9-4752-BA87-B706E72A9753} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A246E9C4-816C-4A8D-9BBA-96F09456B2F7} - System32\Tasks\{68DC2A47-90BC-4229-AD1F-EABCE2838782} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A2EA08F1-75A2-46F1-A26D-3BD43708EB63} - System32\Tasks\{581EAED6-227B-4106-9313-96DD5682F115} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A426426B-07DD-4B98-B3C1-8CC126AAB991} - System32\Tasks\{73E6AC45-9F3E-44D3-813E-0492AEBD27FF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A42E8FF8-A67E-4C21-8235-B2B8563FD45E} - System32\Tasks\{744687B2-8D9C-4504-A165-A91DF7AB7A61} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A8AF653E-55E3-4529-A265-67276AC84206} - System32\Tasks\{A7E46AEC-41EB-484B-94C5-721D6DDA06EF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ABE78478-EAD1-4198-960D-91B10B9E35A7} - System32\Tasks\{FDD8A1CD-0435-4A64-8C42-19FDF6A76053} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AD5FFEB4-9C84-485B-B915-0347686C0B0E} - System32\Tasks\{AF529792-A315-43B8-8E4E-BBB390787BF6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {ADD27029-C043-42C1-AFE3-87EC5C9F6F71} - System32\Tasks\{4D73BEF0-B9E3-4D05-952A-6A82978936E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AE793A10-8D86-4460-BB9F-EAC9C0EAF883} - System32\Tasks\{78911022-6D07-4CBF-838A-2B3C804D8E67} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AEC4BE8E-D7B9-4E13-B9BF-3B02CF016B42} - System32\Tasks\{9BA2E579-48DB-40D4-887B-636628CA0835} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AF0E9644-58B3-40F8-B51D-5919C891024F} - System32\Tasks\{316FE744-0837-467A-A48D-071C0797018F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AFC7291B-E5D8-4393-BD54-504F2AF273CF} - System32\Tasks\{85C8F006-9C7C-43AD-9B28-CF830A0B73FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B20FF505-816C-43CA-B5E9-C1C8C0A9F070} - System32\Tasks\{2E016592-7DF5-4549-AA69-C22A81670A39} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B25F3EF3-1D63-4ACA-8DE9-954FFE6D8031} - System32\Tasks\{25E4E6AF-660D-41E0-B865-438C8CD21080} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4A85DE0-6E68-4BDD-8EE8-CB6B56FB483A} - System32\Tasks\{0DBCFD56-B81E-481D-BFBC-E1C14E5C8D38} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B50E30C2-250E-4D54-9912-7A2609196C87} - System32\Tasks\{E87DBE03-6583-49CE-BFC0-EAC77041BBBC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B60D11F5-4970-48D1-9043-795DB9CB5A0C} - System32\Tasks\{0D6CD1BB-438A-415B-87BA-8F2A155A682A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B6594DA2-0F3E-4787-9A31-6BC73D778506} - System32\Tasks\{5A8E87E5-82A6-4608-9BAC-D1A45CA767A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B6719433-C064-49AF-B5BC-493A6D4E5996} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
Task: {B80CD393-C3F5-48D8-8BA3-13212824C9B5} - System32\Tasks\{5D3CCEDC-022C-45E3-BF56-37359CE99331} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B84E96FE-5FFB-4F6C-AC9C-3098829AF5C3} - System32\Tasks\{3D3DD017-931C-4F08-9074-2A59CFE8FD3E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BA83AF85-CC9B-4A1D-8FE0-738E7A0B3F6F} - System32\Tasks\{7AD78C34-84C6-49DD-A117-BAB7B9EA2735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BB24F188-FD08-4035-B1B1-11DC8FAA7030} - System32\Tasks\{640CEBA0-F19E-4DD1-ABBC-2322EA8600DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BFED3D2C-8E80-4E87-AABE-E24B001FAFDF} - System32\Tasks\{E38B1B3E-922E-46E4-A299-1291FCF0939F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C0503166-B282-4E56-89F8-75E4F02B744C} - System32\Tasks\{4C35057D-67F3-4B54-9E45-F23C44F331F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C0810280-BE52-490D-BF2D-5257065DF5C5} - System32\Tasks\{D498629D-8CAA-40E4-B0CA-F408BBA28BC0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C11A4F1F-FC33-4E03-B6F0-F8046C545EC6} - System32\Tasks\{7AFB956A-0F45-4067-BBA1-E2826731557B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C1632DB5-FAD0-4A24-86A6-20ED94B55839} - System32\Tasks\{F6319C5C-C396-49E3-B6D4-CEE3C011EAC4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C2CB4B2C-2E1A-463D-95DD-C0E40030E32B} - System32\Tasks\{BC532D56-E907-47F0-9123-02EDF99B5D0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C2E47FF8-6562-4215-8733-A9DC16101EAE} - System32\Tasks\{2E55AA7E-6019-46C6-BE1D-7311491E1B30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C3C2DAED-9165-4CED-B3F4-4606212A28DB} - System32\Tasks\{741A1C7E-5100-4B44-897E-316813676533} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C624C440-8937-4876-AE11-24508BA5882B} - System32\Tasks\{2DFA6B2C-FF53-4E74-9E82-F4270A21F482} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C68C0FED-2E14-4F9A-8430-B72E6E7FFB0B} - System32\Tasks\{67968355-D0AA-4AA3-80D1-293553EBEE7E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C77B0908-83F9-4FD3-8E52-F187C1F1892A} - System32\Tasks\{7D72E36A-FFB1-43D2-A2CE-038770D2E788} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C833C9F3-9EDB-4539-BD55-336472A241B8} - System32\Tasks\{83D37A63-84CD-421D-BDA1-36D40518B0A6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C8BAAE16-0D33-4D88-83E9-41DFE92796F0} - System32\Tasks\{0AAB9A11-85B6-48BE-8997-523D390AF02E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C8FE205C-5327-4716-A89F-944F625F68B3} - System32\Tasks\{C64F802B-64B6-4CBA-A578-593AA2949E63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CB7110D6-4643-4DDA-8CD8-5DBE0CCD946F} - System32\Tasks\{BF2FDABC-4DAC-4253-AF3E-724B568CE45D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CC5DF190-C7D1-4EEF-A75A-BB5E7EF0DC50} - System32\Tasks\{AEF599D6-2168-4234-94B8-CF4D87C0A57F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CD1D52EA-87D5-4F52-B602-06657FED742B} - System32\Tasks\{63E172EF-402F-46C5-99C5-B68A6156AD27} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CD4F4EC8-C8C0-4CA4-8782-C7378E82B4C4} - System32\Tasks\{5C9EDEE7-42FA-4FC2-BDB3-2038587962EF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CDBB92E4-C6A1-41FF-ABCB-DBECEABAF6D9} - System32\Tasks\{1A42DDA1-12EA-4D7C-A72E-D68F51F88816} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CDC15B2D-6E3F-4233-B4F7-F4DA05DBD057} - System32\Tasks\{FE6163FE-199D-4600-A7B6-543FB8800D26} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CDDF1E93-93E3-4FF2-98E1-D7A9716ABD04} - System32\Tasks\{9B7E73D3-4FA9-48B1-80FB-362A9095FA76} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D143E9CE-3E4F-4FAD-AF76-9B634F1B0F35} - System32\Tasks\{D7029D25-363B-4232-808A-9F34400EE138} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D1E7DD15-F243-4247-A3CF-FE906F66964A} - System32\Tasks\{517FFFAF-D8E2-4964-828E-EDAA61E33C22} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D4085D6C-F4B2-4A16-888F-E1A355A92255} - System32\Tasks\{999ECAF2-9D47-4A0F-A9FA-1C869662B6CB} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D560F458-CE65-4B26-8006-4CB011496A22} - System32\Tasks\{31015973-E7E4-4B00-AC30-20B4D26883FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D5E20D38-BCEA-4F2C-B2A3-191B408373FF} - System32\Tasks\{BDD0B651-085D-4837-9766-517DC2B230C6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6484046-D532-42C0-812D-6D309F7088F7} - System32\Tasks\{06960298-8D4C-4381-9851-576B1DEC3B98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D6B65524-80C0-47FA-AB0E-57DBD426DAA0} - System32\Tasks\{27A37B81-B5E1-42C4-9D23-1EDA6E238A76} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D778E6A0-97CD-40C8-B029-85FD0DEAFD8A} - System32\Tasks\{8ABFC093-F583-41D6-B316-2FF9D47A8690} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D926AC0A-9F7E-4BC0-A25C-E9811C6732AB} - System32\Tasks\{9CC1DE78-4FD1-4E1F-B0D8-259D921B6A4D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D928F4C0-932C-488F-90A5-12121FE10F0D} - System32\Tasks\{032D8CF3-5B5D-4EA4-B7E8-3D5F07C80B8C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D94FA742-E6B9-4D56-9979-A9070BAE8F67} - System32\Tasks\{D08E421A-4180-499C-8C8C-E45ABE30D735} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DA5661AE-651F-4A7C-A5E4-8747E677D64F} - System32\Tasks\{B031AFCD-2911-49D7-9C90-5DCAB088DFDE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DB8823AC-7636-4D85-8857-6538C26ECAC0} - System32\Tasks\{33B288C4-3C4E-4A64-99D6-B08CAFEA1B01} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DD314591-AAA8-4386-9AB2-284155F5950D} - System32\Tasks\{BCAC1A5A-0D56-451D-9BB9-7BB770E50F20} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DDA052AD-D6B6-480A-9C70-565F18EC43D3} - System32\Tasks\{F589C59B-15E4-4AB5-B5E5-6776D2A3DA35} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DF6F1238-EC27-4E7C-A45F-A4047C60FCC2} - System32\Tasks\{8F2AD033-8C03-42BA-A428-C804FBA5BC18} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E1D4A888-9D7C-4C63-A3A9-9D42BFC847C7} - System32\Tasks\{44756104-9128-4C9D-B874-61EB2FFD0254} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E2A5D5E4-3B5C-4372-B8DA-6D004730A4AC} - System32\Tasks\{7B06A8BC-97EC-4266-8400-45B789B6A8C0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E334BCBD-2120-4677-8856-A16645FF0762} - System32\Tasks\{5443AD49-38F2-412F-ACAB-A66CE732ABB2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E3AA0295-7785-4C31-806B-5DFEDCE4C514} - System32\Tasks\{6887DCE1-58F4-477D-86C2-5F5EF06F075E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E84CF9B8-0E29-432C-89AA-5965C68A1F91} - System32\Tasks\{FE3A912A-D202-40FD-8BDA-39A4BFCBAD17} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E8760A57-CD22-4EAB-88C4-BAD0FA530CEB} - System32\Tasks\{A39EA2C5-A550-49E3-BF99-A1B54F7C28AF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E8C3E033-D0F9-4538-8B85-F515DD5ACAE2} - System32\Tasks\{2450B1E8-CF41-40A9-8C3B-3C98FCE59FDD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E94711B4-D71D-4190-8289-06FA8720215F} - System32\Tasks\{28B3BE0E-99E7-4599-9FFA-BC3A45119405} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EAACE01C-3189-4614-86B5-11A7B16F840D} - System32\Tasks\{273FE228-2661-44F2-88D6-3195C04E123B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EAB85E66-F1D7-43A6-9531-387CF9B97E2E} - System32\Tasks\{A67CB8C1-DD6D-4F4B-B92A-14A57294AAFE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EAC4E00C-D00E-4942-AF92-37715E770E8D} - System32\Tasks\{C4D9ABE6-E095-472D-89D6-E883E7599156} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EB4CD724-0625-4F35-AAF0-CF7F8EB8747F} - System32\Tasks\{B09A3F7A-3DD2-4031-A8E8-275BECD40082} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EBCC099B-6051-49AA-AAAD-B1D734F6DC2B} - System32\Tasks\{4C8D5066-F419-46BE-91AF-870FE3AEA600} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EDD4AD7C-DE10-4419-9033-55E25FF576DF} - System32\Tasks\{0D009470-F6D1-43FD-B3DD-D9D5BFD84516} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EE24CEDC-88C3-445B-B730-F57A7A67816A} - System32\Tasks\{8E674498-7F40-402F-9D88-3A0154F3EEF2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EECF51E3-5896-40D9-B983-FF4D80D4C045} - System32\Tasks\{AC96E012-789C-48E9-8C90-4F265AF45928} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EF713ACE-E2CE-4AB2-8F89-8D4BA8402CEC} - System32\Tasks\{F3B67EBA-3FEF-46A8-AD6B-897D9693727F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F061DA0A-0C96-4596-8C1E-9F2B2DB227AC} - System32\Tasks\{11A60C3E-6FB9-4CFC-9D41-66B0974A3D9D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F26481DA-1FB8-43B2-AB6A-1EA2AF12E1E4} - System32\Tasks\{4D3A8BBB-3F4A-4EEC-BAE2-B9CFBF772792} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F2AD1CE7-E47B-482C-856E-CEF48DF920D6} - System32\Tasks\{78DF940E-2A1F-4AF6-86DE-B047B8E3BA30} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F2D76B04-280D-426C-B8D0-F0D737911FE7} - System32\Tasks\{9B7B9A44-8DAC-46FA-B7E9-5A2661D46A91} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F350E13C-DA5C-4867-AE35-F8E47A3DA9B7} - System32\Tasks\{18BAB7C7-0CE2-4029-8842-A1AE06043D0A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F3E52268-93AB-4AD2-8AD0-EDAB2E53D85A} - System32\Tasks\{8B2628F7-4047-4D58-A845-9FF91A8501E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F4BA5ED7-594F-41A8-90F5-AB5EF68CFBF8} - System32\Tasks\{06916B6E-5DF8-4C8F-BF39-0F077E2D4428} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F8726FD3-C7BC-42CA-BC81-C9E832C5918B} - System32\Tasks\{D4F14CB9-19E7-4CC5-A2D8-E44B32022B81} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F87E9297-CD61-4D2F-A2B6-0F1F5C715845} - System32\Tasks\{721E0CE9-0AC3-45A1-887B-4F84E8EB7E4C} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F99114B9-DF78-4146-BB57-953737202383} - System32\Tasks\{21800C54-6892-481C-948F-E03D919AF9DC} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F9D77C80-213A-4B06-A703-D9B3B9C038A7} - System32\Tasks\{A0BFE506-5A62-455C-B1FA-90081E1B11AB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FA158D5C-19DC-43B5-8C79-032B5F5714F9} - System32\Tasks\{94C9BD0D-D5F9-4D9D-AB2B-15064F7EEB1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FABBB50C-B028-4DA7-8DC6-9271D9CFEE67} - System32\Tasks\{4B3A53E1-FDF3-4CC5-9481-BB8DD69FDDF5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FABC1003-D447-4DDB-8CC8-9938897A9B69} - System32\Tasks\{C71F05EA-3B7B-42B9-B69E-6E3BB969B590} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FCA3B720-7967-430E-9911-A91BBD183D8B} - System32\Tasks\{9F7A9E1A-6F8E-412C-9706-DCF783F39505} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FD3BA4CE-D8BB-4C48-9274-364826405C40} - System32\Tasks\{EB193E23-2C5B-45E1-B5CA-E98BC4099F1E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FD5ADD08-D7B7-4855-856D-62CCA4C4DC2A} - System32\Tasks\{1E80DC1C-8DAB-4084-8DB5-3A1DD9E9971F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FE9CB26B-6394-49B7-824C-8C2327D947B4} - System32\Tasks\{BB53BCA2-C745-4F7E-B97D-1F517D0ECD52} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFEA2714-F490-447A-9363-0A30ACC9B25A} - System32\Tasks\{8D5DCC01-FD1F-4D4C-BA6B-E02440C1BCF0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job => C:\Users\ITSC-admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-07 04:20 - 2012-11-07 10:46 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-12-24 22:16 - 2005-06-07 13:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-09-17 05:06 - 2012-09-17 05:06 - 00935504 _____ (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll
2012-08-07 09:22 - 2012-01-25 19:51 - 00112504 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2012-05-30 14:18 - 2011-01-25 11:57 - 04637184 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang64.dll
2012-05-30 23:04 - 2011-01-25 11:57 - 00651776 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2013-05-18 04:08 - 2013-04-13 07:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
2007-03-27 20:03 - 2007-03-27 20:03 - 02173952 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtCore4.dll
2007-03-27 20:03 - 2007-03-27 20:03 - 08048640 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtGui4.dll
2007-03-29 15:11 - 2007-03-29 15:11 - 00317440 _____ () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtXml4.dll
2009-03-26 15:28 - 2009-03-26 15:28 - 00056832 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PhysicalDevices.dll
2009-03-26 15:23 - 2009-03-26 15:23 - 00851456 _____ (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eToken.dll
2009-03-26 15:23 - 2009-03-26 15:23 - 00006656 _____ (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eTPKCS11.dll
2009-03-26 15:23 - 2009-03-26 15:23 - 00005632 ____R (Aladdin Knowledge Systems, Ltd.) C:\Windows\system32\eTSAPI.dll
2007-03-27 20:03 - 2007-03-27 20:03 - 00175104 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\plugins\imageformats\qjpeg1.dll
2009-03-26 15:29 - 2009-03-26 15:29 - 00169984 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\StoreSync.dll
2009-03-26 15:29 - 2009-03-26 15:29 - 01142784 _____ (Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\etPropBasic.dll
2012-05-30 23:05 - 2011-06-10 20:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-07 09:22 - 2012-01-25 19:51 - 00112504 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2012-07-11 11:15 - 2011-06-22 07:42 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssp4mdu.dll
2012-07-11 11:15 - 2011-06-22 07:41 - 01219584 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\spool\DRIVERS\x64\3\ssp4m.dll
2012-06-27 15:09 - 2012-06-27 15:09 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2013-05-26 14:36 - 2013-08-21 09:16 - 00295664 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\KoanLight.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\MSVCP80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\MSVCR80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\KoanLight\baseline\ATL80.DLL
2013-05-26 14:36 - 2013-08-21 09:16 - 00316144 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\NikkoLight.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\MSVCR80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\MSVCP80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\NikkoLight\baseline\ATL80.DLL
2013-05-26 14:36 - 2013-08-21 09:16 - 00971504 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus.dll
2013-05-26 14:36 - 2013-08-21 09:16 - 00951024 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\RapportGP.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\MSVCP80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportGP\baseline\MSVCR80.dll
2013-05-26 14:36 - 2013-08-21 09:16 - 00991984 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2013-05-26 14:36 - 2013-08-21 09:16 - 00246512 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\RapportVB.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\MSVCP80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\RapportVB\baseline\MSVCR80.dll
2013-05-26 14:36 - 2013-08-21 09:16 - 00230128 _____ (Trusteer Ltd.) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\TanzanLight.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00548864 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\MSVCP80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00626688 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\MSVCR80.dll
2013-05-26 14:36 - 2013-04-30 02:27 - 00096256 _____ (Microsoft Corporation) C:\ProgramData\Trusteer\Rapport\store\exts\TanzanLight\baseline\ATL80.DLL
2012-07-08 11:18 - 2007-04-19 09:31 - 00396104 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uDiscClub.dll
2012-07-08 11:18 - 2007-04-19 09:31 - 00604992 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uafc.dll
2012-07-08 11:18 - 2007-04-19 09:39 - 00256768 _____ (Sample Corporation) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MSLURT.dll
2012-07-08 11:18 - 2007-04-19 09:39 - 00400128 _____ (Sample Corporation) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MSLUP60.dll
2012-07-08 11:18 - 2007-04-19 09:31 - 00047872 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uAlignSplit.dll
2012-07-08 11:18 - 2007-04-19 09:32 - 00244480 _____ (Arcsoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uDvdIfo.dll
2012-07-08 11:18 - 2007-04-19 09:33 - 00125696 _____ (arcsoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uSche.dll
2012-07-08 11:18 - 2007-04-19 09:30 - 00092928 _____ (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\MonitorMgr.dll
2012-07-08 11:18 - 2008-09-05 15:04 - 00155648 _____ (arcsoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uEpg.dll
2012-07-08 11:18 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
2012-07-08 11:18 - 2007-04-19 09:31 - 00072448 _____ (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uafcrc.dll
2012-07-08 11:18 - 2006-11-21 15:51 - 00028672 _____ (ArcSoft) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\Res_Monitor.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2012-07-08 11:18 - 2008-11-26 11:10 - 00045056 ____N (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\PlugRemote\uAbilisRemote.dll
2012-07-08 11:17 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll
2012-07-08 11:18 - 2008-10-28 05:12 - 00024576 ____N (ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\PlugRemote\uDexatekRemote.dll
2012-07-08 11:18 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\icudt.dll
2013-09-04 10:39 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-04 10:39 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 00709584 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 00099792 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 10:39 - 2013-09-02 22:35 - 13599184 _____ () C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-09-17 05:06 - 2012-09-17 05:06 - 00676432 _____ (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.dll
2012-09-17 05:52 - 2012-09-17 05:52 - 00014416 _____ (ABBYY) c:\program files (x86)\abbyy finereader 11\frintegration2.dll
2013-01-09 18:26 - 2013-01-09 18:26 - 01286728 _____ (pdfforge GbR) C:\Program Files (x86)\PDF Architect\addin\WordPlugIn.dll
2013-09-19 10:01 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
2013-09-19 10:01 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
2013-08-09 19:04 - 2013-08-09 19:04 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-09 19:04 - 2013-08-09 19:04 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-09 19:04 - 2013-08-09 19:04 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-09 19:04 - 2013-08-09 19:04 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: Dell Wireless 375 Bluetooth Module
Description: Dell Wireless 375 Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: MATSHITA DVD+-RW UJ8B2
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2013 09:52:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2013 09:50:31 AM) (Source: DellFeatureEnhancementPack) (User: )
Description: Unable to initialize the DellSmartSettingsSys.dll. Error number = 0xa0000008

Error: (09/19/2013 09:34:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:02:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 08:13:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 03:06:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 02:16:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 10:00:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 08:25:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 04:24:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/19/2013 09:52:45 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PBADRV

Error: (09/19/2013 09:52:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ShellfireVPN2Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/19/2013 09:52:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ShellfireVPN2Service erreicht.

Error: (09/19/2013 09:52:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/19/2013 09:52:04 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PDF Architect Service erreicht.

Error: (09/19/2013 09:51:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/19/2013 09:51:18 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PDF Architect Helper Service erreicht.

Error: (09/19/2013 09:50:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/19/2013 09:50:07 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.

Error: (09/19/2013 09:49:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (09/19/2013 09:52:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2013 09:50:31 AM) (Source: DellFeatureEnhancementPack)(User: )
Description: Unable to initialize the DellSmartSettingsSys.dll. Error number = 0xa0000008

Error: (09/19/2013 09:34:18 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:02:17 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 08:13:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 03:06:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 02:16:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 10:00:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 08:25:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 04:24:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 8072.9 MB
Available physical RAM: 4107.49 MB
Total Pagefile: 16143.98 MB
Available Pagefile: 11637.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:157.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 4423CD31)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Aneri 19.09.2013 13:02
Hi

dann schauen wir erstmal das du wieder einigermaßen an dem System arbeiten kannst.

Schritt 1:

Deinstalliere bitte auf deinem System:

Code:
SweetIM for Messenger
SweetPacks Toolbar for Internet Explorer 4.5

Schritt 2:
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3:

erstelle bitte ein neues FRST Logfile in dem du FRST neu startest und nochmals SCAN drückst.
Poste mir das Logfile hier

dinara 19.09.2013 13:28
Code:
# AdwCleaner v3.004 - Bericht erstellt am 19/09/2013 um 14:15:20
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : ITSC-admin - WIWI-PC
# Gestartet von : C:\Users\ITSC-admin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\OApps
Ordner Gelöscht : C:\Users\ITSC-A~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKCU\Software\59538c88e03eef12
Schlüssel Gelöscht : HKLM\SOFTWARE\59538c88e03eef12
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v22.0 (de)

[ Datei : C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\prefs.js ]

Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=2EBA8C705A6AC3D5");
Zeile gelöscht : user_pref("extensions.mixidj.tlbrId", "mdelta");

-\\ Google Chrome v

[ Datei : C:\Users\ITSC-admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9534 octets] - [19/09/2013 14:13:27]
AdwCleaner[S0].txt - [9020 octets] - [19/09/2013 14:15:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9080 octets] ##########

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 14:25:45
Running from C:\Users\ITSC-admin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() c:\Windows\SysWOW64\srvany.exe
(O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ShellfireVPN\jre6\bin\java.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ShellfireVPN\jre6\bin\java.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2

FireFox:
========
FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.)
R2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG)
S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S0 PBADRV; system32\DRIVERS\PBADRV.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 14:13 - 2013-09-19 14:15 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 13:47 - 2013-09-19 13:48 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

==================== One Month Modified Files and Folders =======

2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:25 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox
2013-09-19 14:19 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox
2013-09-19 14:19 - 2012-05-30 21:22 - 01278137 _____ C:\Windows\WindowsUpdate.log
2013-09-19 14:18 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-19 14:17 - 2010-11-21 05:47 - 00111702 _____ C:\Windows\PFRO.log
2013-09-19 14:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 14:17 - 2009-07-14 06:51 - 00093019 _____ C:\Windows\setupact.log
2013-09-19 14:15 - 2013-09-19 14:13 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 14:04 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-19 13:48 - 2013-09-19 13:47 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 13:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job
2013-09-19 13:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic
2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job
2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN
2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey
2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

Some content of TEMP:
====================
C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe
C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\ITSC-admin\AppData\Local\Temp\Quarantine.exe
C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll
C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 13:05

==================== End Of Log ============================
--- --- ---

--- --- ---

Aneri 19.09.2013 13:40
Wie darf ich dich den Ansprechen , mein Name ist Heiko

der Rechner sollte schon deutliche Besserung zeigen, liege ich da richtig?
Gib mir bitte kurz Rückmeldung

Schritt 1:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} -  No File
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2:

starte den Rechner bitte neu , und erstelle ein neues FRST Logfile

dinara 19.09.2013 13:47
Hi Heiko, ich bin Sarah. Danke für Deine Hilfe. Eine Besserung habe ich jetzt noch nicht gemerkt, weil gerade mehrere Tabs in meinem Browser überhaupt nicht geladen werden.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-09-2013
Ran by ITSC-admin at 2013-09-19 14:46:56 Run:1
Running from C:\Users\ITSC-admin\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} => Key deleted successfully.
HKCR\CLSID\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} => Key not found.
HKCR\Wow6432Node\CLSID\{6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox SearchEngineOrder.SearchScopes: HKCU - {6D10BB79-6A23-4153-A030-3AEA0BE582B9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=010647FE-D1AB-4D7B-BD9C-6DA19906F5D7&apn_sauid=3F037C82-4DF9-48AE-8092-26F19F614F7E BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} - No File 1 deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.

==== End of Fixlog ====

Aneri 19.09.2013 13:57
Hallo Sarah

Schritt 2 (frisches FRST Logfile) bnötige ich noch um dir helfen zu können.

Welcher Browser macht die Probleme?

dinara 19.09.2013 13:58
Ich weiß, das Hochfahren und der Scan dauerten nur so lange. Hier ist das Logfile. Google Chrome.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by ITSC-admin (administrator) on WIWI-PC on 19-09-2013 14:55:28
Running from C:\Users\ITSC-admin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() c:\Windows\SysWOW64\srvany.exe
(O2Micro.) c:\Windows\sysWOW64\SDIOAssist.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [626552 2012-03-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [DFEPApplication] - C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [eTMonitor] - C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [186880 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4805936 2012-08-23] (Intel(R) Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-04] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-19] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ITSC-admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM - DefaultScope {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BD0D271-429F-4F3A-93D8-1B67A6B83D91} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {29AAADC9-DA30-4264-BCC4-D447F7146FC1} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{DE7C8638-735E-41F6-BAE2-C784765E136B}: [NameServer]132.252.51.1,132.252.51.2

FireFox:
========
FF ProfilePath: C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\ITSC-admin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\ITSC-admin\AppData\Roaming\Mozilla\Firefox\Profiles\l71r1zhe.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ITSC-admin\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Lync 2010 Meeting Join Plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ITSC-admin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\ITSC-A~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821840 2012-07-19] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-19] (Avira Operations GmbH & Co. KG)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2009-03-26] (Aladdin Knowledge Systems, Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-09-10] (Trusteer Ltd.)
S2 ShellfireVPN2Service; C:\Program Files (x86)\ShellfireVPN\ShellfireVPN2.exe [1150967 2011-09-15] (Shellfire GbR)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-19] (Avira Operations GmbH & Co. KG)
S3 Ctafiltv; C:\Windows\System32\drivers\Ctafiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-20] (Dell Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-08-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-09-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-09-10] (Trusteer Ltd.)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S0 PBADRV; system32\DRIVERS\PBADRV.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 14:13 - 2013-09-19 14:15 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 13:47 - 2013-09-19 13:48 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:56 - 2013-09-19 09:53 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:56 - 2013-09-19 09:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 17:45 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 17:45 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 17:45 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 17:45 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 17:45 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 17:45 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 17:45 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 17:45 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 17:45 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 10:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 10:28 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 10:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 10:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 10:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 10:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 10:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 10:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 10:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 10:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 10:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 10:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 10:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 10:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 10:28 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 10:28 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:01 - 2013-09-17 19:07 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:58 - 2013-09-12 11:59 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 20:36 - 2013-09-10 20:38 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:13 - 2013-09-09 14:14 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 15:57 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-07 11:34 - 2013-09-09 00:26 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 11:22 - 2013-09-07 11:24 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 11:53 - 2013-09-07 11:38 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:14 - 2013-08-31 10:17 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 17:20 - 2013-09-07 11:03 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

==================== One Month Modified Files and Folders =======

2013-09-19 14:55 - 2012-07-03 11:39 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Dropbox
2013-09-19 14:54 - 2012-05-30 21:22 - 01298420 _____ C:\Windows\WindowsUpdate.log
2013-09-19 14:52 - 2013-05-13 23:12 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-19 14:51 - 2012-07-03 11:40 - 00000000 ___RD C:\Users\ITSC-admin\Dropbox
2013-09-19 14:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 14:50 - 2009-07-14 06:51 - 00093075 _____ C:\Windows\setupact.log
2013-09-19 14:37 - 2013-06-27 12:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000UA.job
2013-09-19 14:29 - 2012-05-30 21:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:26 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 14:17 - 2010-11-21 05:47 - 00111702 _____ C:\Windows\PFRO.log
2013-09-19 14:15 - 2013-09-19 14:13 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:11 - 2013-09-19 14:11 - 01039554 _____ C:\Users\ITSC-admin\Desktop\adwcleaner.exe
2013-09-19 14:04 - 2012-07-08 14:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-19 13:48 - 2013-09-19 13:47 - 00086317 _____ C:\Users\ITSC-admin\Downloads\Addition.txt
2013-09-19 13:45 - 2013-09-19 13:45 - 00000000 ____D C:\FRST
2013-09-19 13:44 - 2013-09-19 13:44 - 01950594 _____ (Farbar) C:\Users\ITSC-admin\Downloads\FRST64.exe
2013-09-19 10:01 - 2013-09-19 10:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 10:00 - 2013-09-19 10:00 - 00614816 _____ C:\Users\ITSC-admin\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-19 09:58 - 2013-09-19 09:58 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-19 09:58 - 2013-09-19 09:58 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Avira
2013-09-19 09:53 - 2013-09-19 09:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-19 09:53 - 2013-09-19 09:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-19 09:45 - 2013-09-19 09:45 - 02092792 _____ C:\Users\ITSC-admin\Downloads\avira_free_4052_antivirus.exe
2013-09-19 09:42 - 2010-11-21 08:50 - 00696870 _____ C:\Windows\system32\perfh007.dat
2013-09-19 09:42 - 2010-11-21 08:50 - 00148134 _____ C:\Windows\system32\perfc007.dat
2013-09-19 09:42 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 09:02 - 2012-05-30 21:53 - 00000000 ____D C:\ProgramData\Sonic
2013-09-18 07:06 - 2013-06-27 12:12 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201769430-2905060512-2310320027-1000Core.job
2013-09-17 19:07 - 2013-09-12 12:01 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\TaskUnifier
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (2).zip
2013-09-17 18:30 - 2013-09-17 18:30 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final (1).zip
2013-09-17 18:29 - 2013-09-17 18:29 - 01539337 _____ C:\Users\ITSC-admin\Downloads\Lieferkonzept mit Lieferaufteilung final.zip
2013-09-17 14:38 - 2013-09-17 14:38 - 00000000 ____D C:\Windows\pss
2013-09-16 17:59 - 2013-09-16 17:59 - 01323520 _____ C:\Users\ITSC-admin\Downloads\TarifverdienstLangeReiheXLS_5622203.xls
2013-09-16 13:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 11:41 - 2012-07-02 16:53 - 00000000 ____D C:\Users\ITSC-admin\Stata
2013-09-14 23:05 - 2013-09-14 23:05 - 01208611 _____ C:\Users\ITSC-admin\Downloads\Statistics5.pptx
2013-09-13 20:31 - 2012-06-08 13:26 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 20:31 - 2012-06-08 13:25 - 00000000 ___RD C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 20:30 - 2009-07-14 06:45 - 00461776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 20:29 - 2013-04-12 22:03 - 00000000 ____D C:\Program Files (x86)\ShellfireVPN
2013-09-13 17:45 - 2013-07-31 06:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 17:42 - 2012-06-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 17:42 - 2012-06-08 13:48 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 12:29 - 2012-05-30 21:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 12:29 - 2012-05-30 21:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-12 12:00 - 2013-09-12 12:00 - 00000850 _____ C:\Users\Public\Desktop\TaskUnifier.lnk
2013-09-12 12:00 - 2013-09-12 12:00 - 00000000 ____D C:\Program Files\TaskUnifier
2013-09-12 11:59 - 2013-09-12 11:58 - 21835871 _____ C:\Users\ITSC-admin\Downloads\TaskUnifier_4_0_4_installer_windows.zip
2013-09-10 23:18 - 2013-05-26 14:36 - 00295696 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-09-10 20:38 - 2013-09-10 20:36 - 00000000 ____D C:\Users\ITSC-admin\Desktop\gefunden
2013-09-09 17:20 - 2012-07-12 16:12 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-09 16:57 - 2013-09-09 16:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ITSC-admin\Downloads\revosetup95.exe
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-09 15:57 - 2013-09-09 14:11 - 00011303 _____ C:\Users\ITSC-admin\gsview64.ini
2013-09-09 15:45 - 2013-09-09 15:45 - 00000000 ____D C:\Users\ITSC-admin\.pdfsam
2013-09-09 15:45 - 2012-06-08 13:25 - 00000000 ____D C:\Users\ITSC-admin
2013-09-09 14:18 - 2013-09-09 14:18 - 00000000 ____D C:\Program Files\gs
2013-09-09 14:14 - 2013-09-09 14:13 - 00000000 ____D C:\Program Files (x86)\gs
2013-09-09 14:11 - 2013-09-09 14:11 - 00000000 ____D C:\Program Files\Ghostgum
2013-09-09 14:09 - 2013-09-09 14:09 - 00000000 ____D C:\Users\ITSC-admin\Downloads\gsview50
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\IrfanView
2013-09-09 13:45 - 2013-09-09 13:45 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-09-09 13:44 - 2013-09-09 13:44 - 02145888 _____ (Irfan Skiljan) C:\Users\ITSC-admin\Downloads\iview436g_setup.exe
2013-09-09 09:41 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 00:26 - 2013-09-07 11:34 - 00000000 ____D C:\Users\ITSC-admin\Desktop\GRASS
2013-09-07 21:25 - 2013-06-28 12:14 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\MediaMonkey
2013-09-07 11:38 - 2013-09-03 11:53 - 00000000 ____D C:\Users\ITSC-admin\Documents\grassdata
2013-09-07 11:24 - 2013-09-07 11:22 - 00000000 ____D C:\Program Files (x86)\GRASS GIS 6.4.3
2013-09-07 11:03 - 2013-08-28 17:20 - 67984482 _____ C:\Users\ITSC-admin\Downloads\WinGRASS-6.4.3-1-Setup.exe
2013-09-03 11:56 - 2013-09-03 11:56 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\GRASS6
2013-09-03 00:25 - 2013-09-03 00:25 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Amazon
2013-09-03 00:24 - 2013-09-03 00:24 - 02328864 _____ C:\Users\ITSC-admin\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\Documents\Amazon MP3
2013-09-03 00:24 - 2013-09-03 00:24 - 00000000 ____D C:\Users\ITSC-admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-31 10:17 - 2013-08-31 10:14 - 00005288 _____ C:\Users\ITSC-admin\Documents\bsauto.dta
2013-08-28 16:44 - 2012-07-02 16:27 - 00000000 ____D C:\Users\ITSC-admin\Daten
2013-08-28 16:33 - 2013-08-28 16:33 - 00000000 ____D C:\Users\ITSC-admin\Downloads\87782750
2013-08-28 15:23 - 2012-06-22 14:29 - 00000000 ____D C:\Program Files (x86)\Stata12
2013-08-28 10:02 - 2013-08-28 10:02 - 00152636 _____ C:\Users\ITSC-admin\Downloads\sweden-places-shape.zip

Some content of TEMP:
====================
C:\Users\ITSC-admin\AppData\Local\Temp\APNStub.exe
C:\Users\ITSC-admin\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\ITSC-admin\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ITSC-admin\AppData\Local\Temp\lowproc.exe
C:\Users\ITSC-admin\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\ITSC-admin\AppData\Local\Temp\Quarantine.exe
C:\Users\ITSC-admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ITSC-admin\AppData\Local\Temp\stubhelper.dll
C:\Users\ITSC-admin\AppData\Local\Temp\uninst1.exe
C:\Users\ITSC-admin\AppData\Local\Temp\wget.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_is5022.exe
C:\Users\ITSC-admin\AppData\Local\Temp\_isEA8D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 13:05

==================== End Of Log ============================
--- --- ---

Aneri 19.09.2013 14:06
Hi

dann schaun wir mal etwas tiefer im System.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

dinara 19.09.2013 14:31
Der Scan dauert offenbar eine Weile...

Aneri 19.09.2013 14:35
Ja , er sucht nach Rootkits... da du geschrieben hast dass der Bootvorgang so lange dauert...

dinara 19.09.2013 14:45
"Scan finished: No malware found!" Trotzdem "Cleanup"?

Aneri 19.09.2013 15:12
Nein nicht nötig, aber Poste das Logfile bitte


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:39 Uhr.
Seite 1 von 4 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131