| |
| |||||||
Log-Analyse und Auswertung: Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
01.03.2014, 02:58
| #1 |
| |  Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam Hallo!  Seit kurzer Zeit hat sich bei meinem Firefox-Browser die Angewohnheit eingeschlichen Seiten nur sehr sehr langsam zu laden. Meistens ist es sogar so, dass jede Seite zunächst komplett blank erscheint, sodass man nur ein weißes Bild sieht. Beim aktualisieren bzw. wiederholter Eingabe wird die Seite dann meistens geladen. Beim googlen eines Begriffs tauchen die Ergenisse sofort auf, aber wenn ich dann eines anklicke kommt es zu besagtem Problem. Spiele wie z.B. League of Legends und der Teamspeak-Dienst funktionieren problemlos und ohne Verzögerungen. Facebook funktioniert auch meistens aber auch hier kam es zu heute mittag (jetzt nicht mehr) zu Ladeproblemen der Inhalte. Jedenfalls ist das ganze sehr untypisch für mein System. Mein Virenprogramm von G-Data hat keinen Fund zu melden. Zuvor hab ich Spybot Search&Destroy verwendet und da gab es ein paar Funde (Flash Player Cookies wenn ich mich recht entsinne). Nach dem Durchlauf des Spybot haben Antimalware und der Terminator nichts mehr gefunden. Anbei die Logfiles von FRST und GMER sowie Spybot: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02 Ran by Dani (administrator) on DANI-PC on 01-03-2014 02:04:23 Running from C:\Users\Dani\Downloads Windows 8 Pro (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\PROGRAM FILES (X86)\COMMON FILES\G DATA\GDSCAN\GDSCAN.EXE (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (G Data Software AG) C:\PROGRAM FILES (X86)\COMMON FILES\G DATA\AVKPROXY\AVKPROXY.EXE (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE (Microsoft Corporation) C:\Windows\system32\dashost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Flux Software LLC) C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe (LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE (Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\GUI\GDSC.exe (G Data Software AG) C:\program files (x86)\g data\antivirus\avk\avk.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4217\Battle.net.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Microsoft Corporation) C:\Windows\system32\prevhost.exe (Microsoft Corporation) C:\Windows\system32\prevhost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com) HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com) HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG) HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [F.lux] - C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC) HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [LightShot] - C:\Users\Dani\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] () HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-20] () HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Steam] - D:\Games\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {3c89804b-96ba-11e3-bf59-f46d04cf6127} - "L:\Startme.exe" HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {4aaa9c37-30a5-11e2-be72-f46d04cf6127} - "F:\Setup.EXE" AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found Startup: C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFDF96472E9CFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E2EBA4A1-F71A-4DFA-AA65-AD9099523CF9}: [NameServer]192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: YouTube™ Anywhere Player - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{c9d31470-81c6-4e3e-9a37-46eb9237ed3a} [2014-01-17] FF Extension: SmartVideo For YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\mytube@ashishmishra.in.xpi [2013-04-15] FF Extension: Test Pilot - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-26] FF Extension: Adblock Plus - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-26] ==================== Services (Whitelisted) ================= R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-28] () R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek ) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-11-17] (DT Soft Ltd) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64856 2013-09-28] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68440 2013-11-11] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-01] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-28] () R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-26] (Microsoft Corporation) S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2009-11-19] (MCCI Corporation) S3 s1039mdfl; C:\Windows\system32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation) S3 s1039mdm; C:\Windows\system32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation) S3 s1039mgmt; C:\Windows\system32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation) S3 s1039nd5; C:\Windows\system32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation) S3 s1039obex; C:\Windows\system32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation) S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-03-01] (Windows (R) Win 7 DDK provider) S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.) S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-01 02:04 - 2014-03-01 02:04 - 00016974 _____ () C:\Users\Dani\Downloads\FRST.txt 2014-03-01 01:59 - 2014-03-01 02:00 - 00043097 _____ () C:\Users\Dani\Downloads\Addition.txt 2014-03-01 01:58 - 2014-03-01 02:00 - 00039565 _____ () C:\Users\Dani\Desktop\FRST.txt 2014-03-01 01:57 - 2014-03-01 02:04 - 00000000 ____D () C:\FRST 2014-03-01 01:56 - 2014-03-01 01:56 - 02155520 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe 2014-03-01 00:20 - 2014-03-01 00:27 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys 2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator 2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-28 23:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe 2014-02-28 22:33 - 2014-02-28 22:34 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe 2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx 2014-02-27 02:26 - 2014-03-01 02:01 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net 2014-02-27 02:26 - 2014-02-28 03:37 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net 2014-02-27 02:26 - 2014-02-27 02:26 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment 2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-02-26 16:07 - 2014-02-26 16:07 - 00000208 _____ () C:\Users\Dani\Desktop\Path of Exile.url 2014-02-26 02:55 - 2014-02-26 02:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-02-18 00:18 - 2014-02-18 00:19 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup 2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony 2014-02-18 00:16 - 2009-11-19 14:06 - 00127600 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039bus.sys 2014-02-18 00:16 - 2009-11-19 14:06 - 00015984 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039whnt.sys 2014-02-15 01:24 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml 2014-02-15 01:24 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-02-15 01:24 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-02-15 01:23 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-15 01:23 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-15 01:23 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-15 01:23 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-02-15 01:23 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-15 01:23 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-15 01:23 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-15 01:23 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-15 01:23 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-15 01:23 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-15 01:23 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-15 01:23 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-15 01:23 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-02-15 01:23 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-15 01:23 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-15 01:23 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-15 01:23 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-15 01:23 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-15 01:23 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-15 01:23 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-15 01:23 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-15 01:23 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-15 01:23 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-15 01:23 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2014-02-15 01:23 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2014-02-15 01:23 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2014-02-15 01:23 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2014-02-15 01:23 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-02-15 01:23 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-02-15 01:23 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2014-02-15 01:23 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-02-15 01:23 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-02-15 01:23 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-02-15 01:23 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-02-15 01:22 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-02-15 01:22 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-15 01:22 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-02-15 01:22 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-11 02:31 - 2014-02-11 02:33 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\dvdcss 2014-02-10 14:29 - 2014-02-10 14:29 - 15492434 _____ () C:\Users\Dani\Desktop\DSC_0028.dng 2014-02-10 14:22 - 2014-02-10 14:22 - 15465786 _____ () C:\Users\Dani\Desktop\DSC_0031.dng 2014-02-09 21:28 - 2014-02-09 21:29 - 07427245 _____ () C:\Users\Dani\Desktop\DSC_0032.dng 2014-02-08 03:20 - 2014-02-26 13:42 - 00001187 _____ () C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-02-06 15:21 - 2014-02-06 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-02-02 20:34 - 2014-03-01 01:54 - 00000000 ____D () C:\Users\Dani\Desktop\Fasnet14 2014-01-30 12:03 - 2014-01-30 16:36 - 00081458 _____ () C:\Users\Dani\Desktop\536305_20140129_Kontaktdaten_NwT.xlsx ==================== One Month Modified Files and Folders ======= 2014-03-01 02:04 - 2014-03-01 02:04 - 00016974 _____ () C:\Users\Dani\Downloads\FRST.txt 2014-03-01 02:04 - 2014-03-01 01:57 - 00000000 ____D () C:\FRST 2014-03-01 02:01 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net 2014-03-01 02:01 - 2012-11-07 01:17 - 01824256 ___SH () C:\Users\Dani\Downloads\Thumbs.db 2014-03-01 02:00 - 2014-03-01 01:59 - 00043097 _____ () C:\Users\Dani\Downloads\Addition.txt 2014-03-01 02:00 - 2014-03-01 01:58 - 00039565 _____ () C:\Users\Dani\Desktop\FRST.txt 2014-03-01 02:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru 2014-03-01 01:56 - 2014-03-01 01:56 - 02155520 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe 2014-03-01 01:54 - 2014-02-02 20:34 - 00000000 ____D () C:\Users\Dani\Desktop\Fasnet14 2014-03-01 01:37 - 2013-01-08 19:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-01 01:35 - 2012-12-20 21:05 - 00000000 ____D () C:\Users\Dani\AppData\Local\PMB Files 2014-03-01 01:35 - 2012-12-20 21:05 - 00000000 ____D () C:\ProgramData\PMB Files 2014-03-01 00:48 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-sys.job 2014-03-01 00:27 - 2014-03-01 00:20 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys 2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator 2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe 2014-02-28 23:32 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-S-1-5-21-3053964864-2100263365-1666197601-1001.job 2014-02-28 22:34 - 2014-02-28 22:33 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe 2014-02-28 21:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files\Opera x64 2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files (x86)\Opera x64 2014-02-28 03:37 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net 2014-02-28 02:30 - 2012-12-20 23:25 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\TS3Client 2014-02-27 15:09 - 2012-11-07 00:43 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3053964864-2100263365-1666197601-1001 2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx 2014-02-27 14:06 - 2013-05-16 12:32 - 00189356 _____ () C:\Windows\DPINST.LOG 2014-02-27 02:26 - 2014-02-27 02:26 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment 2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-02-26 17:58 - 2012-11-07 01:06 - 00000000 ____D () C:\Users\Dani\Documents\My Games 2014-02-26 16:07 - 2014-02-26 16:07 - 00000208 _____ () C:\Users\Dani\Desktop\Path of Exile.url 2014-02-26 13:42 - 2014-02-08 03:20 - 00001187 _____ () C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-02-26 13:42 - 2012-11-07 01:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-26 13:40 - 2012-11-07 00:44 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-26 13:40 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-26 02:55 - 2014-02-26 02:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-23 21:00 - 2012-11-07 01:04 - 00014544 _____ () C:\Users\Dani\Desktop\Filmliste.xlsx 2014-02-23 13:22 - 2012-11-07 00:26 - 00424530 _____ () C:\Windows\PFRO.log 2014-02-22 14:03 - 2012-07-26 11:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat 2014-02-22 14:03 - 2012-07-26 11:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat 2014-02-22 14:03 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-20 20:37 - 2013-01-08 19:47 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-18 00:21 - 2012-11-07 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-02-18 00:19 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup 2014-02-18 00:19 - 2012-11-07 00:36 - 01229151 _____ () C:\Windows\WindowsUpdate.log 2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony 2014-02-16 15:24 - 2012-12-21 17:54 - 00000039 _____ () C:\Windows\vbaddin.ini 2014-02-16 15:24 - 2012-11-07 11:11 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-16 15:23 - 2013-07-19 17:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-15 15:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache 2014-02-15 03:42 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore 2014-02-15 01:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-02-13 13:37 - 2012-11-07 01:04 - 05909504 ___SH () C:\Users\Dani\Desktop\Thumbs.db 2014-02-11 04:53 - 2013-01-17 00:50 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\vlc 2014-02-11 02:33 - 2014-02-11 02:31 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\dvdcss 2014-02-11 00:27 - 2014-01-24 17:55 - 02942259 _____ () C:\Users\Dani\Desktop\Das Gehirn.pptx 2014-02-10 18:29 - 2014-01-20 21:14 - 00000000 ____D () C:\Users\Dani\Desktop\50er 2014-02-10 14:29 - 2014-02-10 14:29 - 15492434 _____ () C:\Users\Dani\Desktop\DSC_0028.dng 2014-02-10 14:22 - 2014-02-10 14:22 - 15465786 _____ () C:\Users\Dani\Desktop\DSC_0031.dng 2014-02-09 21:29 - 2014-02-09 21:28 - 07427245 _____ () C:\Users\Dani\Desktop\DSC_0032.dng 2014-02-06 18:13 - 2014-02-06 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-02-04 19:09 - 2012-11-14 09:26 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-01 13:41 - 2013-11-11 22:14 - 00000000 ____D () C:\Windows\Minidump 2014-02-01 13:41 - 2012-11-07 00:26 - 00084992 ____N () C:\Windows\Minidump\020114-22713-01.dmp 2014-02-01 10:20 - 2014-02-15 01:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-01 10:19 - 2014-02-15 01:23 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-01 10:19 - 2014-02-15 01:23 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-01 10:19 - 2014-02-15 01:23 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-02-01 10:19 - 2014-02-15 01:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-01 10:18 - 2014-02-15 01:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-01 08:58 - 2014-02-15 01:23 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-01 08:58 - 2014-02-15 01:23 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-01 08:58 - 2014-02-15 01:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-01 08:57 - 2014-02-15 01:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-01 08:40 - 2014-02-15 01:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-01 08:34 - 2014-02-15 01:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-01 06:08 - 2014-02-15 01:23 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-01-30 22:10 - 2013-11-17 17:16 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-30 22:10 - 2013-11-17 17:16 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-30 16:36 - 2014-01-30 12:03 - 00081458 _____ () C:\Users\Dani\Desktop\536305_20140129_Kontaktdaten_NwT.xlsx Files to move or delete: ==================== C:\Users\Dani\AppData\Roaming\CamLayout.ini C:\Users\Dani\AppData\Roaming\CamShapes.ini C:\Users\Dani\AppData\Roaming\CamStudio.Producer.Data.ini Some content of TEMP: ==================== C:\Users\Dani\AppData\Local\Temp\CTPBSeq.exe C:\Users\Dani\AppData\Local\Temp\ose00000.exe C:\Users\Dani\AppData\Local\Temp\ose00001.exe C:\Users\Dani\AppData\Local\Temp\ose00002.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-27 15:11 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Dani at 2014-03-01 02:04:43
Running from C:\Users\Dani\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: G Data AntiVirus 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data AntiVirus 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
2600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
2600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
2600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
f.lux (HKCU\...\Flux) (Version: - )
Fallout 3 (HKCU\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Free FLV Converter V 7.5.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.5.0.0 - Koyote Soft)
G Data AntiVirus 2014 (HKLM-x32\...\{5F17164A-FE5F-48B4-916F-56C6C4470D32}) (Version: 24.0.3.4 - G Data Software AG)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
lightshot-3.2.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.2.0.0 - Skillbrains)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX v8.10.17 (HKLM-x32\...\{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}) (Version: 8.10.17 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.206.0 - Tracker Software Products Ltd)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Speed-Link SL-6535 USB Pad (HKLM-x32\...\{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}) (Version: 1.00.0000 - GASIA)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
06-02-2014 17:29:16 Geplanter Prüfpunkt
14-02-2014 16:11:04 Geplanter Prüfpunkt
22-02-2014 17:43:01 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 06:26 - 2014-02-04 13:14 - 00444984 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {41F5D5F1-F227-4627-85B6-7876354CFB8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {59326961-9E4C-4F70-AC62-D7984684A93A} - System32\Tasks\update-S-1-5-21-3053964864-2100263365-1666197601-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {61A35711-201E-44B2-9BE9-EFBFE85DD2D7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6C5712C-7AE4-46A4-956D-6F8429DABC56} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: {D6E932C5-522B-4824-B015-261B24E2BD63} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {DBA0791D-2B4C-4715-9837-32A9C724583A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3053964864-2100263365-1666197601-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-11-30 19:37 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-11-30 19:37 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-11-30 19:37 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2012-11-30 19:37 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2012-11-30 19:37 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-11-30 19:37 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-12-11 05:22 - 2013-12-11 05:22 - 00378368 _____ () C:\Program Files (x86)\LOLReplay\LOLUtils.dll
2013-09-06 17:12 - 2013-09-06 17:12 - 00040448 _____ () C:\Program Files (x86)\LOLReplay\Compression.dll
2012-11-09 16:55 - 2007-09-13 17:05 - 00002560 _____ () C:\Windows\system32\CTXFIGER.DLL
2014-02-27 02:26 - 2014-02-27 02:26 - 26118656 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4217\libcef.dll
2014-02-27 02:26 - 2014-02-27 02:26 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4217\libglesv2.dll
2014-02-27 02:26 - 2014-02-27 02:26 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4217\libegl.dll
2014-02-26 02:55 - 2014-02-26 02:55 - 03622512 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Photosmart 2600 series
Description: Photosmart 2600 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/01/2014 00:57:45 AM) (Source: Application Hang) (User: )
Description: Programm opera.exe, Version 12.16.1860.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1368
Startzeit: 01cf34e07affbd59
Endzeit: 16
Anwendungspfad: C:\Program Files\Opera x64\opera.exe
Berichts-ID: 1bcf18aa-a0d4-11e3-bf5f-f46d04cf6127
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/28/2014 07:29:55 PM) (Source: Application Hang) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11ec
Startzeit: 01cf34b3095954e7
Endzeit: 1
Anwendungspfad: D:\Games\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: 50acf3d7-a0a6-11e3-bf5f-f46d04cf6127
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/28/2014 03:26:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/28/2014 03:25:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/28/2014 02:30:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ts3client_win64.exe, Version: 3.0.13.0, Zeitstempel: 0x5267bcf3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ebd59
ID des fehlerhaften Prozesses: 0xe68
Startzeit der fehlerhaften Anwendung: 0xts3client_win64.exe0
Pfad der fehlerhaften Anwendung: ts3client_win64.exe1
Pfad des fehlerhaften Moduls: ts3client_win64.exe2
Berichtskennung: ts3client_win64.exe3
Vollständiger Name des fehlerhaften Pakets: ts3client_win64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ts3client_win64.exe5
Error: (02/27/2014 03:12:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/26/2014 06:01:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PathOfExileSteam.exe, Version: 0.0.0.0, Zeitstempel: 0x52fd8696
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x16a0
Startzeit der fehlerhaften Anwendung: 0xPathOfExileSteam.exe0
Pfad der fehlerhaften Anwendung: PathOfExileSteam.exe1
Pfad des fehlerhaften Moduls: PathOfExileSteam.exe2
Berichtskennung: PathOfExileSteam.exe3
Vollständiger Name des fehlerhaften Pakets: PathOfExileSteam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PathOfExileSteam.exe5
Error: (02/26/2014 02:41:39 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/26/2014 01:50:07 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/24/2014 06:15:48 PM) (Source: Application Hang) (User: )
Description: Programm deponia.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ae0
Startzeit: 01cf3183f5303726
Endzeit: 98
Anwendungspfad: D:\Games\Deponia\deponia.exe
Berichts-ID: 49ec07f5-9d77-11e3-bf5d-f46d04cf6127
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (02/28/2014 07:38:41 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (02/28/2014 03:56:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/28/2014 01:18:03 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/27/2014 11:32:07 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/26/2014 02:41:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/26/2014 02:41:38 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (02/26/2014 01:49:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/26/2014 01:49:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (02/26/2014 01:43:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/26/2014 01:43:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-26 13:40:45.331
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-25 14:35:08.457
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-24 11:18:19.267
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-23 13:22:14.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-20 13:12:56.702
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-19 15:14:54.909
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 04:27:34.903
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-15 13:51:09.591
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-13 11:29:49.206
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-12 13:34:53.798
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 8191.17 MB
Available physical RAM: 5719.01 MB
Total Pagefile: 16383.17 MB
Available Pagefile: 13067.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:205.54 GB) (Free:53.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:390.62 GB) (Free:342.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: F29C53FC)
Partition: GPT Partition Type.
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-01 02:50:23
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-3 WDC_WD6400AAKS-22A7B2 rev.01.03B01 596,17GB
Running: t4w1kw00.exe; Driver: C:\Users\Dani\AppData\Local\Temp\kwtoapod.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\System32\dwm.exe[4328] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe1daf177a 4 bytes [AF, 1D, FE, 07]
.text C:\Windows\System32\dwm.exe[4328] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe1daf1782 4 bytes [AF, 1D, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2180] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe1a801532 4 bytes [80, 1A, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2180] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe1a80153a 4 bytes [80, 1A, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2180] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe1a80165a 4 bytes [80, 1A, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[5384] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007fe1a801532 4 bytes [80, 1A, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[5384] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007fe1a80153a 4 bytes [80, 1A, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[5384] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fe1a80165a 4 bytes [80, 1A, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[5384] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe1daf177a 4 bytes [AF, 1D, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[5384] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe1daf1782 4 bytes [AF, 1D, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5896] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fe1a801532 4 bytes [80, 1A, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5896] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fe1a80153a 4 bytes [80, 1A, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5896] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fe1a80165a 4 bytes [80, 1A, FE, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [5584:3856] fffff960009735e8
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -86999178
---- EOF - GMER 2.1 ----
Code:
ATTFilter Search results from Spybot - Search & Destroy
28.02.2014 20:10:55
Scan took 00:26:54.
39 items found.
DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\OCS\lastPID
DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\OCS\PID
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Dani\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TC3DQYUP\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=F842E17E14FDF46AAD8850604CE0EEBD
Properties.filedate=1393596926
Properties.filedatetext=2014-02-28 15:15:26
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Dani\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TC3DQYUP\www-cdn.jtvnw.net\jtv_pdata.sol
Properties.size=90
Properties.md5=5D466AB15CF6F4FC5ED3E4DC1845B93F
Properties.filedate=1393599864
Properties.filedatetext=2014-02-28 16:04:24
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Dani\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TC3DQYUP\www-cdn.jtvnw.net\sessions.sol
Properties.size=50
Properties.md5=C98F5D5443B9344EBF29A73551C51D73
Properties.filedate=1393599859
Properties.filedatetext=2014-02-28 16:04:19
Right Media: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): Dani) (Browser: Cookie, nothing done)
Log: [SBI $4E2AF2AC] Install: Directx.log (File, nothing done)
C:\Windows\Directx.log
Properties.size=222513
Properties.md5=A7555AB69EEA6110B768E8B2D75A7505
Properties.filedate=1388280941
Properties.filedatetext=2013-12-29 02:35:40
Log: [SBI $4E2AF2AC] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=6906
Properties.md5=79E4BD0EE244099509B505815482F0CF
Properties.filedate=1392678982
Properties.filedatetext=2014-02-18 00:16:21
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Internet Explorer\TypedURLs
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation
MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Office\12.0\Excel\File MRU
MS Office 12.0 (PowerPoint): [SBI $242E8728] Recent Slideshow List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Office\12.0\PowerPoint\File MRU
MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Office\12.0\Word\File MRU
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\WinRAR\ArcHistory
WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\WinRAR\DialogEditHistory\ArcName
WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\WinRAR\General\LastFolder
WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\WinRAR\DialogEditHistory\ExtrPath
Cookie: [SBI $49804B54] Browser: Cookie (109) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (1047) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (101) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
Verlauf: [SBI $49804B54] Browser: History (65) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (60) (Browser: Cookie, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (28) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---
2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2012-11-30 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDECon64.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2014-01-08 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-02-26 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-01-08 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-02-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-02-26 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-01-15 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-02-26 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
ATTFilter Search results from Spybot - Search & Destroy
28.02.2014 22:25:00
Scan took 00:25:59.
8 items found.
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Dani\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TC3DQYUP\www-cdn.jtvnw.net\jtv_pdata.sol
Properties.size=94
Properties.md5=CDFB7E9841F58C3A0AC53031E9A08162
Properties.filedate=1393617981
Properties.filedatetext=2014-02-28 21:06:20
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Dani\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TC3DQYUP\www-cdn.jtvnw.net\sessions.sol
Properties.size=50
Properties.md5=A662FE5B1C6F26E6D108B8AC8A0E0DE0
Properties.filedate=1393617966
Properties.filedatetext=2014-02-28 21:06:05
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3053964864-2100263365-1666197601-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (19) (Browser: Cache, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (56) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---
2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2012-11-30 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDECon64.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2014-01-08 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-02-26 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-01-08 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-02-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-02-26 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-01-15 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-02-26 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
|
|
01.03.2014, 09:31
| #2 |
| /// the machine /// TB-Ausbilder    |  Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
01.03.2014, 13:44
| #3 |
| | Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam Vielen Dank!
__________________ You are my hero! Ich hab das Gefühl das Problem ist gelöst, alles geht auf einmal sehr viel schneller vonstatten. Muss ich mir irgendwelche Sorgen machen oder hat da etwas nur meinen Browser ausgebremst? Anbei die Logs. Übrigens kann ich jetzt auch wieder die Symbole wie das # hier im Fenster nutzen, den Code musste ich gestern Nacht noch von Hand eingeben, um die Logs posten zu können D:FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Dani (administrator) on DANI-PC on 01-03-2014 13:35:23
Running from C:\Users\Dani\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Flux Software LLC) C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [F.lux] - C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [LightShot] - C:\Users\Dani\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] ()
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-20] ()
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Steam] - D:\Games\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {3c89804b-96ba-11e3-bf59-f46d04cf6127} - "L:\Startme.exe"
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {4aaa9c37-30a5-11e2-be72-f46d04cf6127} - "F:\Setup.EXE"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found
Startup: C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFDF96472E9CFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E2EBA4A1-F71A-4DFA-AA65-AD9099523CF9}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: YouTube™ Anywhere Player - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{c9d31470-81c6-4e3e-9a37-46eb9237ed3a} [2014-01-17]
FF Extension: SmartVideo For YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\mytube@ashishmishra.in.xpi [2013-04-15]
FF Extension: Test Pilot - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-26]
FF Extension: Adblock Plus - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-26]
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-28] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-11-17] (DT Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64856 2013-09-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68440 2013-11-11] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-01] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-28] ()
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-26] (Microsoft Corporation)
S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2009-11-19] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\system32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\system32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\system32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\system32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\system32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-03-01] (Windows (R) Win 7 DDK provider)
S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-01 13:35 - 2014-03-01 13:35 - 00015866 _____ () C:\Users\Dani\Downloads\FRST.txt
2014-03-01 13:33 - 2014-03-01 13:33 - 00000822 _____ () C:\Users\Dani\Desktop\JRT.txt
2014-03-01 13:17 - 2014-03-01 13:17 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:16 - 2014-03-01 13:16 - 01037734 _____ (Thisisu) C:\Users\Dani\Downloads\JRT.exe
2014-03-01 13:15 - 2014-03-01 13:15 - 00001043 _____ () C:\Users\Dani\Desktop\AdwCleaner[S0].txt
2014-03-01 13:00 - 2014-03-01 13:09 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:00 - 2014-03-01 13:00 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner(1).exe
2014-03-01 12:59 - 2014-03-01 12:59 - 00000000 _____ () C:\Users\Dani\Downloads\adwcleaner.exe
2014-03-01 02:50 - 2014-03-01 02:50 - 00002879 _____ () C:\Users\Dani\Desktop\Gmer.log
2014-03-01 02:30 - 2014-03-01 02:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 02:27 - 2014-03-01 02:27 - 00013577 _____ () C:\Users\Dani\Desktop\Checks.140228-2010.txt
2014-03-01 02:24 - 2014-03-01 02:24 - 00007700 _____ () C:\Users\Dani\Desktop\Checks.140228-2225.txt
2014-03-01 02:13 - 2014-03-01 02:13 - 00380416 _____ () C:\Users\Dani\Downloads\t4w1kw00.exe
2014-03-01 02:05 - 2014-03-01 02:04 - 00043097 _____ () C:\Users\Dani\Desktop\Addition.txt
2014-03-01 02:05 - 2014-03-01 02:04 - 00039677 _____ () C:\Users\Dani\Desktop\FRST.txt
2014-03-01 01:57 - 2014-03-01 13:35 - 00000000 ____D () C:\FRST
2014-03-01 01:56 - 2014-03-01 01:56 - 02155520 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2014-03-01 00:20 - 2014-03-01 00:27 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 23:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-02-28 22:33 - 2014-02-28 22:34 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe
2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx
2014-02-27 02:26 - 2014-03-01 02:11 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net
2014-02-27 02:26 - 2014-02-28 03:37 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net
2014-02-27 02:26 - 2014-02-27 02:26 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-26 16:07 - 2014-02-26 16:07 - 00000208 _____ () C:\Users\Dani\Desktop\Path of Exile.url
2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-18 00:18 - 2014-02-18 00:19 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup
2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony
2014-02-18 00:16 - 2009-11-19 14:06 - 00127600 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039bus.sys
2014-02-18 00:16 - 2009-11-19 14:06 - 00015984 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039whnt.sys
2014-02-15 01:24 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-15 01:24 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-15 01:24 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-15 01:23 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 01:23 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 01:23 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 01:23 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-15 01:23 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 01:23 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 01:23 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 01:23 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 01:23 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 01:23 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 01:23 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 01:23 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 01:23 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-15 01:23 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-15 01:23 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-15 01:23 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 01:23 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 01:23 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-15 01:23 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-15 01:23 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-15 01:23 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-15 01:23 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-15 01:23 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-15 01:23 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-02-15 01:23 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-02-15 01:23 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-02-15 01:23 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-02-15 01:23 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-02-15 01:23 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-02-15 01:23 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-02-15 01:23 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-02-15 01:23 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-02-15 01:23 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-02-15 01:23 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-02-15 01:22 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-02-15 01:22 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-15 01:22 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-02-15 01:22 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-11 02:31 - 2014-02-11 02:33 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\dvdcss
2014-02-10 14:29 - 2014-02-10 14:29 - 15492434 _____ () C:\Users\Dani\Desktop\DSC_0028.dng
2014-02-10 14:22 - 2014-02-10 14:22 - 15465786 _____ () C:\Users\Dani\Desktop\DSC_0031.dng
2014-02-09 21:28 - 2014-02-09 21:29 - 07427245 _____ () C:\Users\Dani\Desktop\DSC_0032.dng
2014-02-08 03:20 - 2014-03-01 03:02 - 00001187 _____ () C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-02-06 15:21 - 2014-02-06 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-02 20:34 - 2014-03-01 01:54 - 00000000 ____D () C:\Users\Dani\Desktop\Fasnet14
2014-01-30 12:03 - 2014-01-30 16:36 - 00081458 _____ () C:\Users\Dani\Desktop\536305_20140129_Kontaktdaten_NwT.xlsx
==================== One Month Modified Files and Folders =======
2014-03-01 13:35 - 2014-03-01 13:35 - 00015866 _____ () C:\Users\Dani\Downloads\FRST.txt
2014-03-01 13:35 - 2014-03-01 01:57 - 00000000 ____D () C:\FRST
2014-03-01 13:35 - 2012-12-20 21:05 - 00000000 ____D () C:\Users\Dani\AppData\Local\PMB Files
2014-03-01 13:33 - 2014-03-01 13:33 - 00000822 _____ () C:\Users\Dani\Desktop\JRT.txt
2014-03-01 13:17 - 2014-03-01 13:17 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:16 - 2014-03-01 13:16 - 01037734 _____ (Thisisu) C:\Users\Dani\Downloads\JRT.exe
2014-03-01 13:15 - 2014-03-01 13:15 - 00001043 _____ () C:\Users\Dani\Desktop\AdwCleaner[S0].txt
2014-03-01 13:13 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-S-1-5-21-3053964864-2100263365-1666197601-1001.job
2014-03-01 13:13 - 2012-11-07 00:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-01 13:13 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 13:11 - 2012-11-07 00:26 - 00424928 _____ () C:\Windows\PFRO.log
2014-03-01 13:09 - 2014-03-01 13:00 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:00 - 2014-03-01 13:00 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner(1).exe
2014-03-01 12:59 - 2014-03-01 12:59 - 00000000 _____ () C:\Users\Dani\Downloads\adwcleaner.exe
2014-03-01 12:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-01 03:02 - 2014-02-08 03:20 - 00001187 _____ () C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-01 02:50 - 2014-03-01 02:50 - 00002879 _____ () C:\Users\Dani\Desktop\Gmer.log
2014-03-01 02:37 - 2013-01-08 19:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-01 02:30 - 2014-03-01 02:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 02:27 - 2014-03-01 02:27 - 00013577 _____ () C:\Users\Dani\Desktop\Checks.140228-2010.txt
2014-03-01 02:24 - 2014-03-01 02:24 - 00007700 _____ () C:\Users\Dani\Desktop\Checks.140228-2225.txt
2014-03-01 02:13 - 2014-03-01 02:13 - 00380416 _____ () C:\Users\Dani\Downloads\t4w1kw00.exe
2014-03-01 02:11 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net
2014-03-01 02:04 - 2014-03-01 02:05 - 00043097 _____ () C:\Users\Dani\Desktop\Addition.txt
2014-03-01 02:04 - 2014-03-01 02:05 - 00039677 _____ () C:\Users\Dani\Desktop\FRST.txt
2014-03-01 02:01 - 2012-11-07 01:17 - 01824256 ___SH () C:\Users\Dani\Downloads\Thumbs.db
2014-03-01 01:56 - 2014-03-01 01:56 - 02155520 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2014-03-01 01:54 - 2014-02-02 20:34 - 00000000 ____D () C:\Users\Dani\Desktop\Fasnet14
2014-03-01 01:35 - 2012-12-20 21:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-01 00:48 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-sys.job
2014-03-01 00:27 - 2014-03-01 00:20 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-02-28 22:34 - 2014-02-28 22:33 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 21:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files\Opera x64
2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files (x86)\Opera x64
2014-02-28 03:37 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net
2014-02-28 02:30 - 2012-12-20 23:25 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\TS3Client
2014-02-27 15:09 - 2012-11-07 00:43 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3053964864-2100263365-1666197601-1001
2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx
2014-02-27 14:06 - 2013-05-16 12:32 - 00189356 _____ () C:\Windows\DPINST.LOG
2014-02-27 02:26 - 2014-02-27 02:26 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-26 17:58 - 2012-11-07 01:06 - 00000000 ____D () C:\Users\Dani\Documents\My Games
2014-02-26 16:07 - 2014-02-26 16:07 - 00000208 _____ () C:\Users\Dani\Desktop\Path of Exile.url
2014-02-26 13:42 - 2012-11-07 01:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 21:00 - 2012-11-07 01:04 - 00014544 _____ () C:\Users\Dani\Desktop\Filmliste.xlsx
2014-02-22 14:03 - 2012-07-26 11:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-02-22 14:03 - 2012-07-26 11:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-02-22 14:03 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 20:37 - 2013-01-08 19:47 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-18 00:21 - 2012-11-07 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-18 00:19 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup
2014-02-18 00:19 - 2012-11-07 00:36 - 01229151 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony
2014-02-16 15:24 - 2012-12-21 17:54 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-02-16 15:24 - 2012-11-07 11:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 15:23 - 2013-07-19 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 15:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-15 03:42 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-02-15 01:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-13 13:37 - 2012-11-07 01:04 - 05909504 ___SH () C:\Users\Dani\Desktop\Thumbs.db
2014-02-11 04:53 - 2013-01-17 00:50 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\vlc
2014-02-11 02:33 - 2014-02-11 02:31 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\dvdcss
2014-02-11 00:27 - 2014-01-24 17:55 - 02942259 _____ () C:\Users\Dani\Desktop\Das Gehirn.pptx
2014-02-10 18:29 - 2014-01-20 21:14 - 00000000 ____D () C:\Users\Dani\Desktop\50er
2014-02-10 14:29 - 2014-02-10 14:29 - 15492434 _____ () C:\Users\Dani\Desktop\DSC_0028.dng
2014-02-10 14:22 - 2014-02-10 14:22 - 15465786 _____ () C:\Users\Dani\Desktop\DSC_0031.dng
2014-02-09 21:29 - 2014-02-09 21:28 - 07427245 _____ () C:\Users\Dani\Desktop\DSC_0032.dng
2014-02-06 18:13 - 2014-02-06 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 19:09 - 2012-11-14 09:26 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-01 13:41 - 2013-11-11 22:14 - 00000000 ____D () C:\Windows\Minidump
2014-02-01 13:41 - 2012-11-07 00:26 - 00084992 ____N () C:\Windows\Minidump\020114-22713-01.dmp
2014-02-01 10:20 - 2014-02-15 01:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-15 01:23 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 10:19 - 2014-02-15 01:23 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-15 01:23 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-15 01:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-15 01:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 08:58 - 2014-02-15 01:23 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-15 01:23 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-15 01:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-15 01:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-01 08:40 - 2014-02-15 01:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-15 01:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-15 01:23 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-30 22:10 - 2013-11-17 17:16 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2013-11-17 17:16 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 16:36 - 2014-01-30 12:03 - 00081458 _____ () C:\Users\Dani\Desktop\536305_20140129_Kontaktdaten_NwT.xlsx
Files to move or delete:
====================
C:\Users\Dani\AppData\Roaming\CamLayout.ini
C:\Users\Dani\AppData\Roaming\CamShapes.ini
C:\Users\Dani\AppData\Roaming\CamStudio.Producer.Data.ini
Some content of TEMP:
====================
C:\Users\Dani\AppData\Local\Temp\CTPBSeq.exe
C:\Users\Dani\AppData\Local\Temp\ose00000.exe
C:\Users\Dani\AppData\Local\Temp\ose00001.exe
C:\Users\Dani\AppData\Local\Temp\ose00002.exe
C:\Users\Dani\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-27 15:11
==================== End Of Log ============================
--- --- --- |
|
02.03.2014, 08:17
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam Die logfiles der Tools fehlen noch ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.03.2014, 19:34
| #5 |
| | Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam So hier endlich sämtliche Logs! Danke Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.28.10 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16798 Dani :: DANI-PC [Administrator] 01.03.2014 12:59:09 mbam-log-2014-03-01 (12-59-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 245139 Laufzeit: 5 Minute(n), 43 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.020 - Bericht erstellt am 01/03/2014 um 13:09:39
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 8 Pro (64 bits)
# Benutzername : Dani - DANI-PC
# Gestartet von : C:\Users\Dani\Downloads\adwcleaner(1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Dani\AppData\Local\Temp\OCS
[x] Nicht Gelöscht : C:\Users\Dani\AppData\Roaming\pdfforge
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\caphyon
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16798
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1021 octets] - [01/03/2014 13:08:02]
AdwCleaner[S0].txt - [905 octets] - [01/03/2014 13:09:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [964 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 Pro x64
Ran by Dani on 01.03.2014 at 13:17:37,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Dani\AppData\Roaming\pdfforge"
~~~ FireFox
Emptied folder: C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\p3gyntb7.default\minidumps [298 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.03.2014 at 13:33:41,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dd5c1ddd7368954cb36ac53f1e9bfdd4
# engine=17531
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-20 05:52:46
# local_time=2014-03-20 06:52:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 18513156 45311623 0 0
# compatibility_mode=7937 16777214 28 75 1708345 30383214 0 0
# scanned=254311
# found=0
# cleaned=0
# scan_time=5349
Code:
ATTFilter Results of screen317's Security Check version 0.99.80 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` G Data AntiVirus 2014 Windows Defender Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spyware Terminator 2012 Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 12.0.0.77 Mozilla Firefox (28.0) Mozilla Thunderbird (24.3.0) ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! G Data AntiVirus AVK AVKWCtlX64.exe G Data AntiVirus AVK AVKService.exe G Data AntiVirus AVKTray AVKTray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Dani (administrator) on DANI-PC on 20-03-2014 18:58:12
Running from C:\Users\Dani\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Flux Software LLC) C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [F.lux] - C:\Users\Dani\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [LightShot] - C:\Users\Dani\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] ()
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-20] ()
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\Run: [Steam] - D:\Games\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {3c89804b-96ba-11e3-bf59-f46d04cf6127} - "L:\Startme.exe"
HKU\S-1-5-21-3053964864-2100263365-1666197601-1001\...\MountPoints2: {4aaa9c37-30a5-11e2-be72-f46d04cf6127} - "F:\Setup.EXE"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found
Startup: C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFDF96472E9CFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E2EBA4A1-F71A-4DFA-AA65-AD9099523CF9}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: YouTube™ Anywhere Player - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{c9d31470-81c6-4e3e-9a37-46eb9237ed3a} [2014-01-17]
FF Extension: SmartVideo For YouTube - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\mytube@ashishmishra.in.xpi [2013-04-15]
FF Extension: Test Pilot - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-11-26]
FF Extension: Adblock Plus - C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\Profiles\p3gyntb7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-26]
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-10-28] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-11-17] (DT Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64856 2013-09-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68440 2013-11-11] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-01] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-10-28] ()
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-26] (Microsoft Corporation)
S3 s1039bus; C:\Windows\System32\drivers\s1039bus.sys [127600 2009-11-19] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\system32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\system32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\system32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\system32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\system32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-03-01] (Windows (R) Win 7 DDK provider)
S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-20 18:58 - 2014-03-20 18:58 - 00000000 ____D () C:\Users\Dani\Downloads\FRST-OlderVersion
2014-03-20 18:57 - 2014-03-20 18:57 - 00001041 _____ () C:\Users\Dani\Desktop\checkup.txt
2014-03-20 18:55 - 2014-03-20 18:55 - 00987442 _____ () C:\Users\Dani\Desktop\SecurityCheck.exe
2014-03-20 17:30 - 2014-03-01 13:09 - 00001043 _____ () C:\Users\Dani\Desktop\AdwCleaner[S0].txt
2014-03-20 17:19 - 2014-03-20 17:20 - 02347384 _____ (ESET) C:\Users\Dani\Downloads\esetsmartinstaller_enu.exe
2014-03-16 23:46 - 2014-03-16 23:50 - 15368769 _____ () C:\Users\Dani\Desktop\DSC_0043.dng
2014-03-16 23:45 - 2014-03-16 15:37 - 16813602 _____ () C:\Users\Dani\Desktop\DSC_0043.NEF
2014-03-12 13:09 - 2014-03-12 13:15 - 13433514 _____ () C:\Users\Dani\Desktop\DSC_0033.dng
2014-03-08 02:25 - 2014-03-08 02:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-07 17:28 - 2014-03-07 17:49 - 00000000 ____D () C:\ProgramData\tmp
2014-03-07 17:28 - 2014-03-07 17:49 - 00000000 ____D () C:\ProgramData\hps
2014-03-07 17:24 - 2014-03-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Mueller Foto
2014-03-07 17:23 - 2014-03-07 17:23 - 01627296 _____ () C:\Users\Dani\Downloads\setup_Mueller_Fotowelt.exe
2014-03-07 14:19 - 2014-03-07 17:36 - 00000000 ____D () C:\Users\Dani\Desktop\Benni Bilderwand
2014-03-05 13:52 - 2014-03-07 13:59 - 00079878 _____ () C:\Users\Dani\Desktop\536305_20130116_Kontaktdaten_NwT.xlsx
2014-03-01 13:35 - 2014-03-20 18:58 - 00016285 _____ () C:\Users\Dani\Downloads\FRST.txt
2014-03-01 13:35 - 2014-03-01 13:36 - 00042760 _____ () C:\Users\Dani\Downloads\Addition.txt
2014-03-01 13:33 - 2014-03-01 13:33 - 00000822 _____ () C:\Users\Dani\Desktop\JRT.txt
2014-03-01 13:17 - 2014-03-01 13:17 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:16 - 2014-03-01 13:16 - 01037734 _____ (Thisisu) C:\Users\Dani\Downloads\JRT.exe
2014-03-01 13:00 - 2014-03-01 13:09 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:00 - 2014-03-01 13:00 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner(1).exe
2014-03-01 12:59 - 2014-03-01 12:59 - 00000000 _____ () C:\Users\Dani\Downloads\adwcleaner.exe
2014-03-01 02:13 - 2014-03-01 02:13 - 00380416 _____ () C:\Users\Dani\Downloads\t4w1kw00.exe
2014-03-01 01:57 - 2014-03-20 18:58 - 00000000 ____D () C:\FRST
2014-03-01 01:56 - 2014-03-20 18:58 - 02157056 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2014-03-01 00:20 - 2014-03-18 18:27 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 23:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-02-28 22:33 - 2014-02-28 22:34 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe
2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx
2014-02-27 02:26 - 2014-03-19 18:01 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net
2014-02-27 02:26 - 2014-03-07 23:27 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-27 02:26 - 2014-02-28 03:37 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment
2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-18 00:18 - 2014-02-18 00:19 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup
2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony
2014-02-18 00:16 - 2009-11-19 14:06 - 00127600 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039bus.sys
2014-02-18 00:16 - 2009-11-19 14:06 - 00015984 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039whnt.sys
==================== One Month Modified Files and Folders =======
2014-03-20 18:58 - 2014-03-20 18:58 - 00000000 ____D () C:\Users\Dani\Downloads\FRST-OlderVersion
2014-03-20 18:58 - 2014-03-01 13:35 - 00016285 _____ () C:\Users\Dani\Downloads\FRST.txt
2014-03-20 18:58 - 2014-03-01 01:57 - 00000000 ____D () C:\FRST
2014-03-20 18:58 - 2014-03-01 01:56 - 02157056 _____ (Farbar) C:\Users\Dani\Downloads\FRST64.exe
2014-03-20 18:57 - 2014-03-20 18:57 - 00001041 _____ () C:\Users\Dani\Desktop\checkup.txt
2014-03-20 18:57 - 2012-11-07 01:04 - 06144000 ___SH () C:\Users\Dani\Desktop\Thumbs.db
2014-03-20 18:57 - 2012-11-07 01:02 - 00739328 ___SH () C:\Users\Dani\Thumbs.db
2014-03-20 18:55 - 2014-03-20 18:55 - 00987442 _____ () C:\Users\Dani\Desktop\SecurityCheck.exe
2014-03-20 18:37 - 2013-01-08 19:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-20 17:20 - 2014-03-20 17:19 - 02347384 _____ (ESET) C:\Users\Dani\Downloads\esetsmartinstaller_enu.exe
2014-03-20 16:54 - 2012-12-20 21:05 - 00000000 ____D () C:\Users\Dani\AppData\Local\PMB Files
2014-03-20 16:54 - 2012-12-20 21:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-03-20 16:48 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-sys.job
2014-03-20 15:32 - 2012-11-10 19:37 - 00000402 _____ () C:\Windows\Tasks\update-S-1-5-21-3053964864-2100263365-1666197601-1001.job
2014-03-20 14:41 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-20 14:40 - 2012-11-07 00:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-19 18:01 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Battle.net
2014-03-19 02:41 - 2012-12-20 23:25 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\TS3Client
2014-03-18 18:27 - 2014-03-01 00:20 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-03-16 23:50 - 2014-03-16 23:46 - 15368769 _____ () C:\Users\Dani\Desktop\DSC_0043.dng
2014-03-16 18:11 - 2012-11-07 01:04 - 00000000 ____D () C:\Users\Dani\Desktop\Pix-Neu
2014-03-16 15:37 - 2014-03-16 23:45 - 16813602 _____ () C:\Users\Dani\Desktop\DSC_0043.NEF
2014-03-15 16:21 - 2012-11-07 01:17 - 01895936 ___SH () C:\Users\Dani\Downloads\Thumbs.db
2014-03-15 12:09 - 2012-12-20 23:24 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-12 13:15 - 2014-03-12 13:09 - 13433514 _____ () C:\Users\Dani\Desktop\DSC_0033.dng
2014-03-11 18:37 - 2013-01-08 19:47 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 14:22 - 2014-02-02 20:34 - 00000000 ____D () C:\Users\Dani\Desktop\Fasnet14
2014-03-10 13:29 - 2012-11-07 01:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-08 17:51 - 2014-02-08 03:20 - 00001187 _____ () C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-08 02:25 - 2014-03-08 02:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-07 23:27 - 2014-02-27 02:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-07 17:49 - 2014-03-07 17:28 - 00000000 ____D () C:\ProgramData\tmp
2014-03-07 17:49 - 2014-03-07 17:28 - 00000000 ____D () C:\ProgramData\hps
2014-03-07 17:36 - 2014-03-07 14:19 - 00000000 ____D () C:\Users\Dani\Desktop\Benni Bilderwand
2014-03-07 17:24 - 2014-03-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Mueller Foto
2014-03-07 17:23 - 2014-03-07 17:23 - 01627296 _____ () C:\Users\Dani\Downloads\setup_Mueller_Fotowelt.exe
2014-03-07 14:12 - 2014-01-30 12:03 - 00081460 _____ () C:\Users\Dani\Desktop\Daniel Evers-Daten.xlsx
2014-03-07 13:59 - 2014-03-05 13:52 - 00079878 _____ () C:\Users\Dani\Desktop\536305_20130116_Kontaktdaten_NwT.xlsx
2014-03-07 12:49 - 2012-11-07 00:26 - 00425256 _____ () C:\Windows\PFRO.log
2014-03-01 13:36 - 2014-03-01 13:35 - 00042760 _____ () C:\Users\Dani\Downloads\Addition.txt
2014-03-01 13:33 - 2014-03-01 13:33 - 00000822 _____ () C:\Users\Dani\Desktop\JRT.txt
2014-03-01 13:17 - 2014-03-01 13:17 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 13:16 - 2014-03-01 13:16 - 01037734 _____ (Thisisu) C:\Users\Dani\Downloads\JRT.exe
2014-03-01 13:09 - 2014-03-20 17:30 - 00001043 _____ () C:\Users\Dani\Desktop\AdwCleaner[S0].txt
2014-03-01 13:09 - 2014-03-01 13:00 - 00000000 ____D () C:\AdwCleaner
2014-03-01 13:00 - 2014-03-01 13:00 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner(1).exe
2014-03-01 12:59 - 2014-03-01 12:59 - 00000000 _____ () C:\Users\Dani\Downloads\adwcleaner.exe
2014-03-01 02:13 - 2014-03-01 02:13 - 00380416 _____ () C:\Users\Dani\Downloads\t4w1kw00.exe
2014-03-01 00:20 - 2014-03-01 00:20 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Spyware Terminator
2014-03-01 00:20 - 2014-03-01 00:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-28 23:34 - 2014-02-28 23:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-28 23:32 - 2014-02-28 23:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dani\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 23:32 - 2014-02-28 23:32 - 05049344 _____ (Crawler.com ) C:\Users\Dani\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-02-28 22:34 - 2014-02-28 22:33 - 01244192 _____ () C:\Users\Dani\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 21:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files\Opera x64
2014-02-28 16:13 - 2012-11-21 11:14 - 00000000 ____D () C:\Program Files (x86)\Opera x64
2014-02-28 03:37 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Battle.net
2014-02-27 15:09 - 2012-11-07 00:43 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3053964864-2100263365-1666197601-1001
2014-02-27 14:21 - 2014-02-27 14:21 - 00085308 _____ () C:\Users\Dani\Downloads\20130905_VVS.pptx
2014-02-27 14:06 - 2013-05-16 12:32 - 00189356 _____ () C:\Windows\DPINST.LOG
2014-02-27 02:26 - 2014-02-27 02:26 - 00000000 ____D () C:\Users\Dani\AppData\Local\Blizzard Entertainment
2014-02-26 17:58 - 2012-11-07 01:06 - 00000000 ____D () C:\Users\Dani\Documents\My Games
2014-02-23 21:00 - 2012-11-07 01:04 - 00014544 _____ () C:\Users\Dani\Desktop\Filmliste.xlsx
2014-02-22 14:03 - 2012-07-26 11:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-02-22 14:03 - 2012-07-26 11:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-02-22 14:03 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 00:21 - 2012-11-07 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-18 00:19 - 2014-02-18 00:19 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-18 00:19 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony Setup
2014-02-18 00:19 - 2012-11-07 00:36 - 01229151 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 00:18 - 2014-02-18 00:18 - 00000000 ____D () C:\Users\Dani\AppData\Roaming\Sony
Files to move or delete:
====================
C:\Users\Dani\AppData\Roaming\CamLayout.ini
C:\Users\Dani\AppData\Roaming\CamShapes.ini
C:\Users\Dani\AppData\Roaming\CamStudio.Producer.Data.ini
Some content of TEMP:
====================
C:\Users\Dani\AppData\Local\Temp\CTPBSeq.exe
C:\Users\Dani\AppData\Local\Temp\ose00000.exe
C:\Users\Dani\AppData\Local\Temp\ose00001.exe
C:\Users\Dani\AppData\Local\Temp\ose00002.exe
C:\Users\Dani\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-18 22:34
==================== End Of Log ============================
--- --- --- |
|
21.03.2014, 11:13
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ --> Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam |
|
| Themen zu Windows 8 Pro x64: Firefox lädt Seiten nur nach wiederholtem Aktualisieren und untypisch langsam |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, battle.net, bingbar, converter, desktop, excel, failed, firefox, firefox 28.0, firefox langsam, flash player, g-data, google, helper, helper.exe, installation, koyote, langsam, league of legends, mozilla, ntdll.dll, officejet, programm, realtek, registry, registry key, rundll, scan, security, services.exe, software, spyware, tracker, usb, warnung, windows |
Linear-Darstellung
