Log analysis and evaluation: Malwarebytes log - many detections

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Malwarebytes log - many detections

Hello,

yesterday I ran a Malwarebytes quick scan and was briefly quite alarmed by the many detections (log too long for code tags -> see attachment).

After another scan today there was nothing more to report:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.08.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
Admin :: CORE2DUO [Administrator]

08.09.2013 20:11:15
mbam-log-2013-09-08 (20-11-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 310944
Laufzeit: 13 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Many thanks and best regards,
steve-0
#2

/// TB trainer

Malwarebytes log - many detections

Hi,

no, that is no cause for concern. MBAM simply listed every single file and every subdirectory of C:\Users\Admin\AppData\Local\Smartbar that it deleted, hence the many detections. This is only adware.

If you would still like me to take a look:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
#3

Malwarebytes log - many detections

Hey Leo,

many thanks for the good news! ;-)

I actually feel quite safe, but I still wanted to show you an FRST scan... Stupidly, I closed the FRST.txt and can no longer find it (a search does not turn it up either, neither on the user desktop nor on the admin desktop).

Should I scan again?

Best regards

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-09-2013 Ran by Admin at 2013-09-08 20:44:52 Running from C:\Users\Stefan\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.20 ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512) Acronis*True*Image*Home (Version: 13.0.7160) Adobe AIR (Version: 3.6.0.6090) Adobe Flash Player 11 ActiveX (Version: 11.8.800.94) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03) Advanced Audio FX Engine Advanced Video FX Engine ANNO 1503 (Version: 1.04.00) Apple Application Support (Version: 2.3.2) Apple Mobile Device Support (Version: 6.0.1.3) Apple Software Update (Version: 2.1.3.127) Audacity 1.2.6 Audiograbber 1.83 SE (Version: 1.83 SE ) Audiograbber MP3-Plugin (Version: 1.0) Bonjour (Version: 3.0.0.10) calibre (Version: 0.9.1) CCleaner (Version: 4.03) CDBurnerXP (Version: 4.4.1.3341) Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103) Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103) Color LaserJet 2600n CPUID CPU-Z 1.57.1 CPUID HWMonitor 1.19 D3DX10 (Version: 15.4.2368.0902) Dell Touchpad (Version: 7.1.102.7) Dell Webcam Center Dell Webcam Manager dLAN Cockpit (Version: 3.2.28) Epson Copy Utility 3.4 (Version: 3.4.0.0) Epson Event Manager (Version: 2.01.00) EPSON PERFECTION V30_V300 PHOTO Handbuch EPSON Scan eReg (Version: 1.20.138.34) ESS Energie Indikator (Version: 2011.0) Falk Navi-Manager (Version: 2.7.0) FUSSBALL MANAGER 10 General Runtime Files for Nemetschek Allplan 2009 (Version: 1.5.2.0) Google Chrome (Version: 29.0.1547.66) Google Earth (Version: 7.1.1.1888) Google Outlook Contact Sync 0.9.1.0 Google Update Helper (Version: 1.3.21.153) GPL Ghostscript (Version: 9.07) GSview 4.9 iCloud (Version: 2.0.2.187) ImgBurn (Version: 2.5.5.0) inSSIDer 3 (Version: 3.0.6.42) Intel 
PROSet Wireless Intel(R) PROSet/Wireless WiFi-Software (Version: 13.03.0000) InterVideo DeviceService (Version: 1.0.0) iTunes (Version: 11.0.1.12) Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) KeePass Password Safe 2.18 Laptop Integrated Webcam Driver (1.04.01.1011) Live! Cam Avatar (Version: 1.0) Live! Cam Avatar Creator (Version: 4.6.0817.1) Logitech SetPoint 6.32 (Version: 6.32.20) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Maple 8 (Version: 8.0.0) Media Go (Version: 2.4.256) Media Go Video Playback Engine 1.116.104.02020 (Version: 1.116.104.02020) MediaDirect (Version: 3.5) miCoach Manager (Version: 5.2.9) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000) Microsoft Office Project 2007 Service Pack 3 (SP3) Microsoft Office Project MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof 
(German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0) Microsoft Report Viewer Redistributable 2008 (KB971119) Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1) MiKTeX 2.9 (Version: 2.9) MobileMe Control Panel (Version: 3.1.8.0) Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1) Mozilla Maintenance Service (Version: 23.0.1) Mp3tag v2.54 (Version: v2.54) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) 
(Version: 4.20.9876.0) MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0) MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0) NETGEAR Genie (Version: 2.2.28.24.exe ) NetSpeedMonitor 2.5.4.0 x86 (Version: 2.5.4.0) No23 Recorder (Version: 2.1.0.3) Norton Internet Security (Version: 20.4.0.40) NVIDIA 3D Vision Controller Driver (Version: 275.33) NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07) NVIDIA 3D Vision Treiber 314.07 (Version: 314.07) NVIDIA Grafiktreiber 314.07 (Version: 314.07) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA PhysX (Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1407) NVIDIA Systemsteuerung 314.07 (Version: 314.07) NVIDIA Update 1.12.12 (Version: 1.12.12) NVIDIA Update Components (Version: 1.12.12) O&O SafeErase (Version: 2.7.523) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0) OLYMPUS Master 2 (Version: 1.0.13) OLYMPUS Studio 2 (Version: 1.0.8) Origin (Version: 8.3.7.3619) OutlookAddinSetup (Version: 1.0.0) Panda USB Vaccine 1.0.1.4 PC Connectivity Solution (Version: 12.0.48.0) PDF Architect (Version: 1.0.52.8917) PDFCreator (Version: 1.7.1) PlayStation(R)Network Downloader (Version: 2.07.00849) PlayStation(R)Store (Version: 4.14.6.15183) Presto! 
PVR (Version: 5.40.02) ProgDVB QuickSet (Version: 8.2.20) QuickShare (Version: 1.6.1.950) QuickTime (Version: 7.73.80.64) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.06 (Version: 3.54.06) Secunia PSI (3.0.0.6005) (Version: 3.0.0.6005) SigmaTel Audio (Version: 5.10.5210.0) SimCity 3000 Skype™ 5.10 (Version: 5.10.116) SmartSound Quicktracks Plugin (Version: 3.0.5.0) Sony Ericsson Update Engine (Version: 2.13.6.201305161305) Sony Mobile Update Service (Version: 2.13.6.201305161305) Sony PC Companion 2.10.155 (Version: 2.10.155) Stickies 7.1b swMSM (Version: 12.0.0.1) System Requirements Lab System Requirements Lab for Intel (Version: 4.4.22.0) TeXnicCenter Version 2.0 Beta 1 (Version: 2.0 Beta 1) TIPP10 Version 2.1.0 TrueCrypt (Version: 7.1a) UPC Fiber Power Optimizer UPC Fiber Power Optimizer (Version: 2.0.0.3) UPC Install Master UPC Install Master (Version: 1.0.0.110) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update 
für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Visual Studio C++ 10.0 Runtime (Version: 10.0.0) VLC media player 2.0.6 (Version: 2.0.6) WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live Fotogalerie (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.2980) Windows Media Player Firefox Plugin (Version: 1.0.0.8) Windows Mobile-Gerätecenter (Version: 6.1.6965.0) Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0) Windows-Treiberpaket - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/28/2007 2.2.0.0) (Version: 06/28/2007 2.2.0.0) Windows-Treiberpaket - OLYMPUS IMAGING CORP. 
(OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0) (Version: 12/28/2006 1.0.0.0) WinSCP 4.3.2 (Version: 4.3.2) ==================== Restore Points ========================= 01-09-2013 06:41:48 Geplanter Prüfpunkt 02-09-2013 20:09:17 Installed MSXML 6.0 Parser 02-09-2013 20:32:20 Eurofibu Kassabuch 2013 Standard [Vista/W7/W8] wird installiert 02-09-2013 20:34:36 Eurofibu Kassabuch 2013 Standard [Vista/W7/W8] wird entfernt ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {01002612-B963-4CB1-9BD9-EA8EC9DEF94E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {2E509385-1CC6-420D-9D5A-A09EF96F6BAE} - System32\Tasks\{826FFC3A-FCB8-41FA-B9FF-DE7D6065B5B4} => C:\Program Files\ANNO 1503\1503Startup.exe [2004-01-07] (MAX DESIGN) Task: {6F765D4C-30DC-4074-8692-29A5250BE0B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-30] (Google Inc.) Task: {80C7BE73-063C-4DE7-ABA6-EA8A7E93611B} - System32\Tasks\{094DFEE5-9FBD-434D-A6AC-578D4796B3F6} => C:\Program Files\Landwirtschafts-Simulator 2008\FarmingSimulator2008.exe Task: {8749EF0A-CDB9-4D02-B4CF-2395BCA0A6A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-30] (Google Inc.) 
Task: {9EFC7D27-9CF2-44D8-80B4-657FEEAC1F94} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {A9DE23CB-DE39-4700-984A-1B7CD682064E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-24] (Adobe Systems Incorporated) Task: {AC9A2B93-644A-4070-AFA7-6B9DD6F4787E} - System32\Tasks\{C147E5D2-D092-4B9A-ADE3-BDA57D17BE44} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.) Task: {AE6402DB-54D0-4AFF-9F21-3A2D5ECCD8A1} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {C0BD0923-780A-4B0F-9CF3-C605FCA90320} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation) Task: {C12D8031-40CE-44A9-882A-8EC8F20BE7AE} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {C2E20D00-0E87-42E7-ADCB-5553F83F54EA} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {C51C8AE6-7688-4A6F-893C-087045BA595A} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2753433036-1170817247-1168811253-1008 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation) Task: {D9CCB4F7-435F-4382-9029-9A3FBA49DF61} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {DC6262EB-DFF8-41A7-BF42-1E415C11A778} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-06-13 08:44 - 2013-05-21 06:44 - 00705928 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccL120U.dll 2013-06-13 08:44 - 2013-05-21 06:44 - 00089480 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccVrTrst.dll 2013-06-13 08:44 - 2013-05-23 07:25 - 00086408 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\EFACli.dll 2013-06-13 08:44 - 2013-05-21 06:44 - 00157576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvc.dll 2013-06-13 08:45 - 2013-05-21 06:40 - 00410576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\srtsp32.dll 2013-06-13 08:44 - 2013-05-21 06:44 - 00159624 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccIPC.dll 2013-06-13 08:44 - 2013-06-04 06:42 - 00548688 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\NPCTRAY.DLL 2013-06-13 08:44 - 2013-05-21 06:44 - 00345480 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSet.dll 2013-06-13 08:44 - 2013-06-04 06:43 - 00962384 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\uiMain.dll 2013-06-13 08:44 - 2013-05-28 09:42 - 02430800 ____R (Symantec 
Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SYMHTMDX.DLL 2013-06-13 08:44 - 2013-05-30 03:22 - 00320816 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\diStRptr.dll 2013-06-13 08:44 - 2013-05-30 04:13 - 01337136 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\MClnTask.dll 2013-07-14 10:01 - 2013-06-28 07:17 - 01849168 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\isDataPr.dll 2013-06-13 08:44 - 2013-06-04 06:42 - 00548176 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\ASHELPER.DLL 2013-06-13 08:44 - 2013-06-04 06:42 - 00579408 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\ASOEHOOK.DLL 2013-06-13 08:44 - 2013-06-04 06:42 - 00537424 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\AVPAPP32.DLL 2013-06-13 08:44 - 2013-05-21 06:44 - 00401288 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\CCJOBMGR.DLL 2013-06-13 08:44 - 2013-05-21 00:50 - 02651472 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\CLTALDIS.DLL 2013-06-13 08:44 - 2013-05-24 04:09 - 00502664 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\AVIfc.dll 2013-06-13 08:44 - 2013-05-21 00:50 - 00932176 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\cltPE.dll 2013-06-13 08:44 - 2013-05-31 03:46 - 00999760 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coDataPr.dll 2013-06-13 08:44 - 2013-05-31 03:48 - 00551760 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coShdObj.dll 2013-06-13 08:44 - 2013-05-21 06:44 - 00289160 ____R (Symantec Corporation) C:\Program Files\Norton Internet 
Security\Engine\20.4.0.40\ccGEvt.dll 2013-07-13 00:27 - 2013-07-03 23:42 - 00821552 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\naHelper.dll 2013-06-19 10:29 - 2013-06-10 19:10 - 00629072 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\MUI\20.4.0.40\07\01\cltRes.loc 2013-06-13 08:44 - 2013-06-04 06:42 - 00528208 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\FWSESAL.DLL 2013-06-13 08:44 - 2013-05-21 00:50 - 01035088 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\cltLMS.dll 2013-06-13 08:44 - 2013-05-31 03:48 - 01397584 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\COACTMGR.DLL 2013-06-13 08:45 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll 2013-06-13 08:44 - 2013-06-04 06:42 - 00502608 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\NUEX.DLL 2013-06-13 08:44 - 2013-05-30 04:13 - 01078576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\DataStor.dll 2013-06-13 08:44 - 2013-05-30 04:13 - 00965936 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\Comm.dll 2013-06-13 08:45 - 2013-06-04 06:43 - 00243024 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\QSPLUGIN.DLL 2013-06-13 08:45 - 2012-05-15 03:27 - 00588216 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\SDKCMN.DLL 2013-06-13 08:45 - 2013-06-04 06:43 - 00916304 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\UIALERT.DLL 2013-06-13 08:45 - 2013-05-30 04:13 - 00028464 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\USERCTXT.DLL 2010-09-07 12:59 - 2013-02-10 05:20 - 12862400 _____ (NVIDIA 
Corporation) C:\Windows\system32\nvwgf2um.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Stefan\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll 2010-04-04 23:14 - 2010-04-04 23:14 - 01033728 _____ (Florian Gilles) C:\Program Files\NetSpeedMonitor\nsm.dll 2006-11-03 16:50 - 2006-11-03 16:50 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btncopy.dll 2011-05-24 17:38 - 2011-02-23 11:44 - 00072192 _____ (Martin Prikryl) C:\Program Files\WinSCP\DragExt.dll 2008-02-22 16:55 - 2008-02-22 16:55 - 00103704 _____ (Dell Inc.) C:\Program Files\Dell\QuickSet\dadkeyb.dll 2011-01-28 20:17 - 2011-01-28 20:17 - 01002224 _____ () C:\Program Files\Acronis\TrueImageHome\tishell.dll 2010-08-12 11:40 - 2010-08-12 11:40 - 00284000 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\timounter.dll 2013-06-13 08:44 - 2013-06-04 06:42 - 00176976 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\NavShExt.dll 2007-11-05 13:03 - 2007-11-05 13:03 - 00558336 _____ (O&O Software GmbH) C:\Program Files\OO Software\SafeErase\oosesh.dll 2007-11-05 13:02 - 2007-11-05 13:02 - 00668928 _____ (O&O Software GmbH) C:\Program Files\OO Software\SafeErase\OOSERS.DLL 2013-01-09 18:36 - 2013-01-09 18:36 - 00533064 _____ (pdfforge GbR) C:\Program Files\PDF Architect\ContextMenuExt.dll 2012-10-24 19:54 - 2012-10-24 19:54 - 00265216 _____ (Florian Heidenreich) C:\Program Files\Mp3tag\Mp3tagShell32.dll 2011-02-22 23:27 - 2010-11-20 14:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2010-09-07 12:52 - 2007-04-10 18:02 - 01601536 _____ (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\STLang.dll 2010-09-07 12:52 - 2008-02-15 18:23 - 00312320 _____ (IDT, Inc.) C:\Windows\system32\stapi32.dll 2010-09-07 12:58 - 2007-06-25 19:51 - 00100418 _____ (Alps Electric Co., Ltd.) 
C:\Windows\system32\Vxdif.dll 2013-07-17 15:49 - 2013-05-31 18:58 - 00290232 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130715.001\UMEngx86.dll 2010-11-18 19:35 - 2010-11-18 19:35 - 00058720 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll 2011-01-28 18:23 - 2011-01-28 18:23 - 00279904 _____ () C:\Program Files\Acronis\TrueImageHome\Common\resource.dll 2011-01-28 17:03 - 2011-01-28 17:03 - 00071008 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\Common\gc.dll 2010-08-12 11:27 - 2010-08-12 11:27 - 00226656 _____ (Acronis) C:\Program Files\Common Files\Acronis\SnapAPI\snapapi.dll 2011-01-28 17:03 - 2011-01-28 17:03 - 00019808 _____ () C:\Program Files\Acronis\TrueImageHome\Common\thread_pool.dll 2011-01-28 17:04 - 2011-01-28 17:04 - 00028512 _____ () C:\Program Files\Acronis\TrueImageHome\Common\rpc_client.dll 2010-08-12 11:35 - 2010-08-12 11:35 - 02990376 _____ (Acronis) C:\Program Files\Common Files\Acronis\TrueImageHome\tdrpapi.dll 2011-10-07 11:41 - 2011-10-07 11:41 - 00879896 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 00053024 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 01291552 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 00922912 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 16303976 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common 
Files\Apple\Apple Application Support\libxml2.dll 2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll 2006-11-04 08:38 - 2006-11-04 08:38 - 00552960 _____ (Broadcom Corporation.) C:\Windows\system32\btwapi.dll 2006-11-03 17:08 - 2006-11-03 17:08 - 00233472 _____ (Broadcom Corporation.) C:\Windows\system32\btosif.dll 2006-11-03 17:25 - 2006-11-03 17:25 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL 2006-11-07 12:19 - 2006-11-07 12:19 - 05271552 _____ (Broadcom Corporation.) C:\Windows\system32\btrez.dll 2006-11-03 17:55 - 2006-11-03 17:55 - 00208896 _____ (Broadcom Corporation.) C:\Windows\system32\btmmhook.dll 2009-07-14 01:53 - 2009-07-14 03:14 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Stefan\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Stefan\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Stefan\AppData\Roaming\Dropbox\bin\icudt.dll 2010-09-07 12:58 - 2007-06-25 19:51 - 00100418 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2011-10-05 04:52 - 2011-10-05 04:52 - 00756048 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2010-09-07 15:47 - 2012-12-06 13:52 - 01912320 _____ (Zenographics, Inc.) C:\Windows\system32\spool\DRIVERS\W32X86\3\suhp2600.dll 2013-05-15 20:49 - 2012-12-06 13:52 - 00957952 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\spool\DRIVERS\W32X86\3\gchp2600.dll 2006-11-03 17:18 - 2006-11-03 17:18 - 00344064 _____ (Broadcom Corporation.) C:\Windows\system32\btsendto_office.dll 2006-11-03 17:09 - 2006-11-03 17:09 - 00393216 _____ (Broadcom Corporation.) C:\Windows\system32\btsendto.dll 2006-11-03 16:44 - 2006-11-03 16:44 - 00647168 _____ (Broadcom Corporation.) 
C:\Windows\system32\BtWdSdk.dll 2013-01-09 18:26 - 2013-01-09 18:26 - 01286728 _____ (pdfforge GbR) C:\Program Files\PDF Architect\addin\WordPlugIn.dll 2006-06-27 03:39 - 2006-06-27 03:39 - 00329240 _____ (Lingsoft, Inc.) C:\Program Files\Common Files\Microsoft Shared\PROOF\MSHY3GE.DLL 2010-09-07 15:47 - 2012-12-06 13:52 - 00378880 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\spool\DRIVERS\W32X86\3\sdhp2600.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll 2013-09-08 17:24 - 2013-08-27 16:35 - 03060312 _____ (Symantec Corporation) c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.0.24\definitions\virusdefs\20130907.006\cceraser.dll 2013-01-04 16:17 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx 2013-01-04 16:17 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll 2013-09-01 11:01 - 2013-09-01 11:01 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2010-09-07 12:59 - 2013-02-10 05:20 - 02528840 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. 
(Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/08/2013 08:43:06 PM) (Source: Application Hang) (User: ) Description: Programm FRST.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1638 Startzeit: 01ceacc32c18fd9b Endzeit: 38 Anwendungspfad: C:\Users\Stefan\Desktop\FRST.exe Berichts-ID: 7d28f3b2-18b6-11e3-9841-001fe2d9d63a Error: (09/08/2013 07:50:35 PM) (Source: Application Hang) (User: ) Description: Programm OUTLOOK.EXE, Version 12.0.6680.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3f0 Startzeit: 01ceacbbcea3edbb Endzeit: 15 Anwendungspfad: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE Berichts-ID: 1f40c990-18af-11e3-9841-001fe2d9d63a Error: (09/08/2013 06:01:24 PM) (Source: Application Hang) (User: ) Description: Programm OUTLOOK.EXE, Version 12.0.6680.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: ae0 Startzeit: 01ceaca4aabdc2bc Endzeit: 0 Anwendungspfad: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE Berichts-ID: dc6a37ca-189f-11e3-9841-001fe2d9d63a Error: (09/07/2013 00:13:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13449283 Error: (09/07/2013 00:13:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13449283 Error: (09/07/2013 00:13:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/07/2013 00:13:40 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13448035 Error: (09/07/2013 00:13:40 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13448035 Error: (09/07/2013 00:13:40 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/07/2013 00:13:39 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13447021 System errors: ============= Error: (09/08/2013 05:05:59 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/08/2013 05:05:59 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (09/07/2013 10:24:29 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/07/2013 10:24:29 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (09/07/2013 09:15:47 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/07/2013 09:15:47 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (09/06/2013 04:59:53 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/06/2013 04:59:53 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (09/05/2013 02:58:39 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (09/05/2013 02:58:39 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Microsoft Office Sessions: ========================= Error: (04/07/2013 09:41:02 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/30/2013 00:17:32 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/20/2012 06:10:26 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 121 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/03/2012 02:01:27 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1121 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (03/02/2012 07:39:14 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/19/2012 07:02:37 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14718 seconds with 11340 seconds of active time. This session ended with a crash. Error: (02/19/2012 07:02:08 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3088 seconds with 660 seconds of active time. This session ended with a crash. Error: (02/13/2012 01:43:48 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/22/2011 04:55:00 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 204 seconds with 120 seconds of active time. This session ended with a crash. Error: (10/16/2011 04:43:34 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 84 seconds with 60 seconds of active time. This session ended with a crash. 
CodeIntegrity Errors: =================================== Date: 2012-12-09 13:51:21.705 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-09 13:22:12.937 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-09 10:30:35.556 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-09 09:36:44.998 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-09 09:20:27.327 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-08 19:16:52.412 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-12-08 18:59:16.650 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-08 16:32:21.954 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-08 16:25:36.047 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-08 14:06:45.421 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00170_002\avcuf32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 3582.06 MB Available physical RAM: 1909.33 MB Total Pagefile: 7162.41 MB Available Pagefile: 5566.22 MB Total Virtual: 2047.88 MB Available Virtual: 1893.53 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:80.01 GB) (Free:10.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:216.03 GB) (Free:29.64 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 00000080) Partition 1: (Not Active) - (Size=47 MB) - (Type=DE) Partition 2: (Active) - (Size=80 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=218 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
#4
/// TB Trainer | Malwarebytes Log - Many Detections

Hello, yes, I need the FRST.txt. Scan again like this: Start FRST once more.
__________________
cheers, Leo
#5
Malwarebytes Log - Many Detections

here we go: Frst.txt: FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-09-2013 Ran by Admin (administrator) on CORE2DUO on 08-09-2013 21:16:40 Running from C:\Users\Stefan\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Google Inc.) 
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Creative Technology Ltd.) C:\Windows\OEM02Mon.exe (IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe () C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.) HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-02-15] (IDT, Inc.) 
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [159744 2007-07-02] (Alps Electric Co., Ltd.) HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [189736 2007-11-01] (CyberLink Corp.) HKLM\...\Run: [DELL Webcam Manager] - C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.) HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5145824 2011-01-28] () HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2011-01-28] (Acronis) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.) 
HKLM\...\Runonce: [ Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X] HKCU\...\Run: [NETGEARGenie] - C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] () HKU\Christina\...\Run: [OM2_Monitor] - C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [ 2009-11-25] (OLYMPUS IMAGING CORP.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp SearchScopes: HKCU - {037BE40B-A3BA-4AF1-8535-60093FBFB861} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet 
Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU -Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.tuwien.ac.at/CACHE/stc/1/binaries/vpnweb.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.22.0.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default FF user.js: detected! 
=> C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\user.js FF Homepage: www.google.at FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) 
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Виявлення пристроїв Logitech - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\DeviceDetection@logitech.com FF Extension: Free Download Manager plugin - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\fdm_ffext@freedownloadmanager.org FF Extension: TimeTracker - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\timetrack@usablehack.com FF Extension: Flagfox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: Linkification - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} FF Extension: No Name - 
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{5c7e4f24-ab9e-483e-840f-c45f8289a9b1} FF Extension: IE Tab - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} FF Extension: youtube2mp3 - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\youtube2mp3@mondayx.de.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hqvy3eja.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ FF Extension: Norton 
Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File CHR Plugin: (Norton Identity Safe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\npcoplgn.dll (Symantec Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) 
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Reallusion CT4Player for Mozilla) - C:\Program Files\Mozilla Firefox\plugins\npRLCT4Player.dll ( ) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Media Go Detector) - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) 
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Extension: (Norton Identity Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0 CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx ========================== Services (Whitelisted) ================= R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [764552 2011-01-28] (Acronis) R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2011-09-15] (Acronis) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) 
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2013-04-07] (NETGEAR) R2 NIS; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [555408 2013-03-26] (Cisco Systems, Inc.) ==================== Drivers (Whitelisted) ==================== S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92112 2013-03-26] (Cisco Systems, Inc.) S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-03] (ITETech ) R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.) 
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation) S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130905.001\IDSvix86.sys [392792 2013-08-24] (Symantec Corporation) S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.) S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130907.006\NAVENG.SYS [93272 2013-08-31] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130907.006\NAVEX15.SYS [1612376 2013-08-31] (Symantec Corporation) R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6637056 2010-08-16] (Intel Corporation) R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2013-06-26] (CACE Technologies, Inc.) 
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-02-07] (Secunia) R3 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NIS\1404000.028\SYMNETS.SYS [339544 2013-04-25] (Symantec Corporation) S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc) R2 WinRing0_1_2_0; C:\Users\Stefan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [14416 2011-04-03] (OpenLibSys.org) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] () S3 DFUBTUSB; System32\Drivers\frmupgr.sys [x] S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [x] S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [x] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-08 20:42 - 2013-09-08 20:42 - 01082239 _____ (Farbar) C:\Users\Stefan\Desktop\FRST.exe 2013-09-08 20:36 - 2013-09-08 20:36 - 00006430 _____ C:\Users\Admin\Desktop\mbam-log-2013-09-07 (09-56-15).7z 2013-09-07 12:57 - 2013-09-07 12:57 - 00008611 _____ C:\Users\Stefan\Desktop\normen.xlsx 2013-09-02 22:32 - 2013-09-02 22:35 - 00000000 ____D C:\Users\Admin\Documents\Eurofibu 2K4KBS 2013-09-02 22:31 - 2013-09-02 22:31 - 14200880 _____ (Multimedia EDV-Software 
und Verlag GmbH ) C:\Users\Stefan\Downloads\kb_std_2013_vista_w7.exe 2013-09-02 22:20 - 2013-09-02 22:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\EuroKass 2013-09-02 22:20 - 2013-09-02 22:20 - 00000000 ____D C:\Users\Admin\Documents\EuroKass 2013-09-02 22:20 - 2013-09-02 22:20 - 00000000 ____D C:\Program Files\Common Files\EuroKass 2013-09-02 22:18 - 2013-09-02 22:18 - 15939136 _____ C:\Users\Stefan\Downloads\EK310512-963.exe 2013-09-02 22:08 - 2013-09-02 22:08 - 05620432 _____ (makasy.com ) C:\Users\Stefan\Downloads\haushaltsbuch-setup.exe 2013-09-02 21:39 - 2013-09-02 21:39 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\MechCAD 2013-09-02 21:38 - 2013-09-02 21:38 - 06677568 _____ (MechCAD Software ) C:\Users\Stefan\Downloads\AceMoneyLiteSetup.exe 2013-09-01 11:01 - 2013-09-01 11:02 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-25 15:42 - 2013-08-25 15:43 - 00000548 _____ C:\Windows\LkmdfCoInst.log 2013-08-25 08:20 - 2013-08-10 18:20 - 01707008 _____ (Masuji SUTO & Werner Bloos & David Sykes) C:\Users\Stefan\Downloads\stphmkrg.exe 2013-08-25 08:07 - 2013-08-25 08:10 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\namexif 2013-08-25 08:06 - 2013-08-25 08:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\namexif 2013-08-25 08:06 - 2013-08-25 08:06 - 00450314 _____ C:\Users\Stefan\Downloads\Namexif.exe 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\UpdatusUser\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Stefan\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Christina\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Admin\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif 2013-08-25 08:06 - 2013-08-25 08:06 - 00000000 ____D C:\Program Files\Namexif 2013-08-24 21:03 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll 2013-08-24 21:03 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-24 21:03 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-24 21:03 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-24 21:03 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-24 21:03 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-24 21:03 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-24 21:03 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-24 21:03 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-24 19:26 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-24 19:26 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-24 19:26 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) 
C:\Windows\system32\ntoskrnl.exe 2013-08-24 19:26 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-24 19:26 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-24 19:26 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-24 19:26 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-24 19:26 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-24 19:26 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-24 19:26 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-24 19:25 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-24 19:25 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-09 23:29 - 2013-08-09 23:29 - 00006798 _____ C:\Users\Stefan\Downloads\293939_fuelings.csv ==================== One Month Modified Files and Folders ======= 2013-09-08 21:17 - 2009-07-14 06:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-08 21:17 - 2009-07-14 06:34 - 00024192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-08 21:15 - 2010-09-07 11:39 - 01507342 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-08 21:13 - 2012-10-14 11:28 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Dropbox 2013-09-08 21:13 - 2011-11-30 23:50 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-08 21:10 - 2013-06-28 22:40 - 00010079 _____ C:\Windows\setupact.log 2013-09-08 21:10 - 2010-09-07 13:01 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-08 21:10 - 2009-07-14 06:53 - 00000006 ____H 
C:\Windows\Tasks\SA.DAT 2013-09-08 21:09 - 2010-09-07 11:32 - 02077019 _____ C:\Windows\WindowsUpdate.log 2013-09-08 20:51 - 2011-11-30 23:50 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-08 20:47 - 2012-04-05 20:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-08 20:43 - 2013-09-08 20:43 - 00000000 ____D C:\FRST 2013-09-08 20:42 - 2013-09-08 20:42 - 01082239 _____ (Farbar) C:\Users\Stefan\Desktop\FRST.exe 2013-09-08 20:36 - 2013-09-08 20:36 - 00006430 _____ C:\Users\Admin\Desktop\mbam-log-2013-09-07 (09-56-15).7z 2013-09-08 17:03 - 2012-10-14 11:31 - 00000000 ___RD C:\Users\Stefan\Dropbox 2013-09-07 12:57 - 2013-09-07 12:57 - 00008611 _____ C:\Users\Stefan\Desktop\normen.xlsx 2013-09-07 10:21 - 2013-07-13 00:26 - 00231370 _____ C:\Windows\PFRO.log 2013-09-07 10:21 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\schemas 2013-09-02 22:35 - 2013-09-02 22:32 - 00000000 ____D C:\Users\Admin\Documents\Eurofibu 2K4KBS 2013-09-02 22:31 - 2013-09-02 22:31 - 14200880 _____ (Multimedia EDV-Software und Verlag GmbH ) C:\Users\Stefan\Downloads\kb_std_2013_vista_w7.exe 2013-09-02 22:24 - 2013-09-02 22:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\EuroKass 2013-09-02 22:20 - 2013-09-02 22:20 - 00000000 ____D C:\Users\Admin\Documents\EuroKass 2013-09-02 22:20 - 2013-09-02 22:20 - 00000000 ____D C:\Program Files\Common Files\EuroKass 2013-09-02 22:18 - 2013-09-02 22:18 - 15939136 _____ C:\Users\Stefan\Downloads\EK310512-963.exe 2013-09-02 22:08 - 2013-09-02 22:08 - 05620432 _____ (makasy.com ) C:\Users\Stefan\Downloads\haushaltsbuch-setup.exe 2013-09-02 21:39 - 2013-09-02 21:39 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\MechCAD 2013-09-02 21:38 - 2013-09-02 21:38 - 06677568 _____ (MechCAD Software ) C:\Users\Stefan\Downloads\AceMoneyLiteSetup.exe 2013-09-01 22:08 - 2012-09-18 07:26 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-01 20:27 - 2012-04-24 23:58 - 00000000 ____D C:\Program Files\Mozilla Maintenance 
Service 2013-09-01 11:02 - 2013-09-01 11:01 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-01 09:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2013-08-25 15:43 - 2013-08-25 15:42 - 00000548 _____ C:\Windows\LkmdfCoInst.log 2013-08-25 15:42 - 2010-09-07 19:54 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2013-08-25 09:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-25 08:10 - 2013-08-25 08:07 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\namexif 2013-08-25 08:07 - 2013-08-25 08:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\namexif 2013-08-25 08:06 - 2013-08-25 08:06 - 00450314 _____ C:\Users\Stefan\Downloads\Namexif.exe 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\UpdatusUser\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Stefan\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Christina\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000913 _____ C:\Users\Admin\Desktop\Namexif.lnk 2013-08-25 08:06 - 2013-08-25 08:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif 2013-08-25 08:06 - 2013-08-25 08:06 - 00000000 ____D C:\Program Files\Namexif 2013-08-25 07:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-24 21:33 - 2013-07-20 22:41 - 00000000 ____D C:\Windows\system32\MRT 2013-08-24 21:23 - 2010-09-07 11:49 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-24 21:22 - 2010-09-07 14:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-24 19:47 - 2012-04-05 20:54 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-24 19:47 - 2011-05-15 16:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-11 14:30 - 2012-12-24 00:04 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\vlc 2013-08-10 18:20 - 2013-08-25 08:20 - 
01707008 _____ (Masuji SUTO & Werner Bloos & David Sykes) C:\Users\Stefan\Downloads\stphmkrg.exe 2013-08-09 23:29 - 2013-08-09 23:29 - 00006798 _____ C:\Users\Stefan\Downloads\293939_fuelings.csv Files to move or delete: ==================== C:\Users\Christina\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Christina\AppData\Local\Temp\SIntf16.dll C:\Users\Christina\AppData\Local\Temp\SIntf32.dll C:\Users\Christina\AppData\Local\Temp\SIntfNT.dll C:\Users\Stefan\AppData\Local\Temp\20130724104424344jniverify.dll C:\Users\Stefan\AppData\Local\Temp\20130726020452507jniverify.dll C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Stefan\AppData\Local\Temp\Install.exe C:\Users\Stefan\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe C:\Users\Stefan\AppData\Local\Temp\vlc-2.0.6-win32.exe C:\Users\Stefan\AppData\Local\Temp\_install.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-01 08:39 ==================== End Of Log ============================ |
#6 |
/// TB Trainer | Malwarebytes Log - Many Detections Hello, the log looks good. If the computer is otherwise running normally, I see no need for further action, because the MBAM detections were, as I said, harmless. |
#7 |
Malwarebytes Log - Many Detections All right, then thank you very much! Best regards and have a nice evening! Steve-o |
#8 |
/// TB Trainer | Malwarebytes Log - Many Detections You have a nice evening too. This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies. If you need the topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread.
__________________ cheers, Leo |