Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Keine Internetverbindung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.07.2013, 11:54   #1
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Hallo.
Gerade macht mein eigener Laptop ein paar Probleme.
Er verbindet sivh immer nur eingeschränkt mit dem wlan und überhäupt nicht über kabel.

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 03 (ATTENTION: FRST version is 21 days old)
Ran by K.Badekow (administrator) on 02-07-2013 12:50:52
Running from D:\Rapidshare
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe
() C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNACBSWK.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [170496 2013-04-13] (Sun Microsystems, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [NcpBudgetGui] "C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe" -start [1001472 2013-01-07] (NCP engineering GmbH)
HKLM-x32\...\Run: [NcpPopup] "C:\Program Files (x86)\NCP\SecureClient\ncppopup.exe" noerrmsg [1011280 2012-03-20] (NCP engineering GmbH)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NcpRsuGui] "C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe" -gui [883792 2011-08-22] (NCP engineering GmbH)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\K.Badekow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\K.Badekow\AppData\Roaming\Mozilla\Firefox\Profiles\vmhd2vpj.default
FF SelectedSearchEngine: Search the web (Babylon)
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @rim.com/npappworld - C:\Program Files (x86)\Research In Motion Limited\Browser-Plug-In f�r BlackBerry App World\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Adobe InDesign\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-16] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Lexware_Professional_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2008-07-02] (iAnywhere Solutions, Inc.)
R2 ncpclcfg; C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe [139896 2012-07-12] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe [1650736 2013-01-16] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE [119808 2011-04-21] ()
R2 rwsrsu; C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe [883792 2011-08-22] (NCP engineering GmbH)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-17] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [75888 2010-09-27] (Atheros Communications, Inc.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-06-29 22:04 - 2013-06-29 22:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:17 - 2013-06-29 21:17 - 00000000 ____D C:\Program Files\Adobe
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:56 - 2013-06-29 20:57 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-27 21:03 - 2013-06-27 21:05 - 00000000 ____D C:\tmp
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:22 - 2013-06-26 08:25 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:51 - 2013-06-24 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 10:35 - 2013-06-20 10:36 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-15 22:23 - 2013-06-15 22:24 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 15:06 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:06 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:06 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:06 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:06 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:01 - 2013-06-14 22:02 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:34 - 2013-06-12 08:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:53 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-11 22:53 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-11 22:53 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 22:53 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-11 19:32 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 19:32 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 19:32 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 19:32 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 19:32 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 19:32 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 19:32 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 19:31 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 19:31 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-05 06:24 - 2012-10-17 16:37 - 00397312 ____A (Koyote Soft) C:\Windows\SysWOW64\TubeFinder.exe
2013-06-05 06:24 - 2011-09-28 09:18 - 00364544 ____A C:\Windows\SysWOW64\PropertyGrid.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00208500 ____A C:\Windows\SysWOW64\ReyXpBasics.tlb
2013-06-05 06:24 - 2011-09-28 09:18 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00084512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00024576 ____A C:\Windows\SysWOW64\ControlSubX.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:10 - 2013-06-02 21:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== One Month Modified Files and Folders =======

2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:47 - 2012-02-16 21:41 - 00000000 ____D C:\ProgramData\MFAData
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-02 12:42 - 2013-05-02 23:57 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-07-02 12:42 - 2013-02-01 12:09 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Dropbox
2013-07-02 12:42 - 2013-01-19 15:23 - 00000431 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-02 12:42 - 2012-05-17 12:45 - 00000000 ____D C:\ProgramData\VMware
2013-07-02 12:41 - 2012-01-10 21:14 - 00094668 ____A C:\Windows\setupact.log
2013-07-02 12:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 11:21 - 2012-02-16 10:29 - 01971468 ____A C:\Windows\WindowsUpdate.log
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:17 - 2012-08-04 09:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-07-01 11:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-29 22:05 - 2013-06-29 22:04 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:19 - 2012-05-18 22:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-06-29 21:17 - 2013-06-29 21:17 - 00000000 ____D C:\Program Files\Adobe
2013-06-29 21:17 - 2012-05-15 20:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-29 21:17 - 2012-02-16 20:30 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Adobe
2013-06-29 21:16 - 2012-02-16 21:36 - 00000000 ____D C:\ProgramData\Adobe
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:57 - 2013-06-29 20:56 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 20:56 - 2012-10-02 09:22 - 593580212 ____A C:\Windows\MEMORY.DMP
2013-06-29 20:56 - 2012-10-02 09:22 - 00000000 ____D C:\Windows\Minidump
2013-06-29 20:53 - 2012-05-17 13:17 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VMware
2013-06-29 20:50 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-29 20:47 - 2012-05-17 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\VMware
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-28 10:51 - 2012-02-19 13:20 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\Adobe
2013-06-28 01:48 - 2012-03-11 15:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Skype
2013-06-27 22:31 - 2013-01-30 19:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-27 22:31 - 2012-03-11 15:27 - 00000000 ____D C:\ProgramData\Skype
2013-06-27 21:59 - 2012-02-17 03:00 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\vlc
2013-06-27 21:05 - 2013-06-27 21:03 - 00000000 ____D C:\tmp
2013-06-27 21:03 - 2012-02-16 10:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VirtualStore
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 19:12 - 2013-04-27 12:49 - 00001992 ___AH C:\Users\K.Badekow\Documents\Default.rdp
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-27 10:30 - 2013-05-31 20:43 - 00010304 ____A C:\Users\K.Badekow\Desktop\mtl.ods
2013-06-26 14:11 - 2012-12-02 15:54 - 00068376 ____A C:\Users\K.Badekow\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 14:09 - 2013-02-09 22:44 - 00000000 ____D C:\Users\K.Badekow\Documents\Rudeloff
2013-06-26 14:05 - 2009-07-14 06:45 - 04930256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-26 12:19 - 2012-02-16 21:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 11:59 - 2013-01-30 19:20 - 00000000 ____D C:\Users\K.Badekow\Documents\Betriebswirt
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:37 - 2012-02-16 10:36 - 00000000 ____D C:\users\K.Badekow
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:25 - 2013-06-26 08:22 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:22 - 2013-04-18 18:37 - 00000000 ____D C:\Users\K.Badekow\Documents\Handelsgesellschaft Badekow
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 20:46 - 2011-04-12 09:43 - 00713452 ____A C:\Windows\System32\perfh007.dat
2013-06-25 20:46 - 2011-04-12 09:43 - 00156276 ____A C:\Windows\System32\perfc007.dat
2013-06-25 20:46 - 2009-07-14 07:13 - 01659940 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:52 - 2013-06-24 12:51 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 11:39 - 2012-02-16 21:43 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-24 11:39 - 2012-02-16 20:50 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 19:11 - 2013-04-19 22:50 - 00022318 ____A C:\Users\K.Badekow\Documents\Zeugnis Badekow2.odt
2013-06-20 10:36 - 2013-06-20 10:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-17 13:50 - 2010-11-21 05:47 - 00132972 ____A C:\Windows\PFRO.log
2013-06-15 22:24 - 2013-06-15 22:23 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 22:24 - 2012-02-16 20:28 - 00000000 ____D C:\Users\K.Badekow\.dvdcss
2013-06-15 11:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:02 - 2013-06-14 22:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:35 - 2013-06-12 08:34 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:54 - 2012-01-10 20:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 22:00 - 2012-12-13 21:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\PokerStars.EU
2013-06-11 21:17 - 2012-04-05 22:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 21:17 - 2012-02-16 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-08 16:08 - 2013-06-15 15:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 15:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 15:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-04 17:41 - 2013-04-09 20:59 - 00000000 ____D C:\ProgramData\Lexware
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:11 - 2013-06-02 21:10 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 20:36

End of log
         
Achja. Möglich dass dieser Störenfried aus einem keymaker entsprungen ist, den nen Kumpel unbedingt downloaden wollte.

Viele Grüße und vielen Dank
Kay

Geändert von Teronius (02.07.2013 um 12:12 Uhr)

Alt 02.07.2013, 12:11   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Hi,

bitte noch das machen:

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Klicke Go und poste den Inhalt der Result.txt.
__________________

__________________

Alt 02.07.2013, 12:28   #3
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Code:
ATTFilter
Farbar Service Scanner Version: 27-06-2013
Ran by K.Badekow (administrator) on 02-07-2013 at 13:22:19
Running from "C:\Users\K.Badekow\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Code:
ATTFilter
MiniToolBox by Farbar  Version: 16-06-2013
Ran by K.Badekow (administrator) on 02-07-2013 at 13:23:11
Running from "C:\Users\K.Badekow\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl攕ungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

	

                                                                                                                                                                                                                  127.0.0.1 hl2rcv.adobe.de
       127.0.0.1 activate.adobe.com
       127.0.0.1 practivate.adobe.com
       127.0.0.1 ereg.adobe.com
       127.0.0.1 activate.wip3.adobe.com
       127.0.0.1 wip3.adobe.com
       127.0.0.1 3dns-3.adobe.com
       127.0.0.1 3dns-2.adobe.com
       127.0.0.1 adobe-dns.adobe.com
       127.0.0.1 adobe-dns-2.adobe.com
       127.0.0.1 adobe-dns-3.adobe.com
       127.0.0.1 ereg.wip3.adobe.com
       127.0.0.1 activate-sea.adobe.com
       127.0.0.1 wwis-dubc1-vip60.adobe.com
       127.0.0.1 activate-sjc0.adobe.com
       127.0.0.1 adobe.activate.com
       127.0.0.1 hl2rcv.adobe.com
       127.0.0.1 209.34.83.73:443
       127.0.0.1 209.34.83.73:43
       127.0.0.1 209.34.83.73

There are 61 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
NCP Secure Client Virtual NDIS6 Adapter = LAN-Verbindung 2 (Hardware not present)
Atheros AR8151 PCI-E Gigabit Ethernet Controller = LAN-Verbindung (Media disconnected)
Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="LAN-Verbindung 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.137.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.219.1 mask=255.255.255.0


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : Tero
   Prim剅es DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Broadcast
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein

Tunneladapter LAN-Verbindung* 3:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft-Teredo-Tunneling-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
Server:  UnKnown
Address:  127.0.0.1

Ping-Anforderung konnte Host "google.com" nicht finden. 歜erpr乫en Sie den Namen, und versuchen Sie es erneut.
Server:  UnKnown
Address:  127.0.0.1

Ping-Anforderung konnte Host "yahoo.com" nicht finden. 歜erpr乫en Sie den Namen, und versuchen Sie es erneut.

Ping wird ausgef乭rt f乺 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik f乺 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft-Teredo-Tunneling-Adapter
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
===========================================================================
St刵dige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
  1    306 ::1/128                  Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
===========================================================================
St刵dige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)
x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/02/2013 00:59:42 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (07/02/2013 00:43:07 PM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:02:53 AM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:00:43 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist f黵 "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/01/2013 10:52:22 AM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/29/2013 10:50:05 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist f黵 "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/29/2013 10:05:44 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:03:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:23 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-02-20 19:22:40.185
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:40.162
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.487
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.466
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.657
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.635
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.729
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.708
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.706
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.686
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.7.0.1530)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Help Manager (Version: 4.0.244)
Adobe InDesign CS5 (Version: 7.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Lightroom 4 64-bit (Version: 4.0.1)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe� Content Viewer (Version: 3.1.0)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
AviSynth 2.5
Bandicam (Version: 1.8.6.321)
Bandisoft MPEG-1 Decoder
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Browser-Plug-In f黵 BlackBerry App World (Version: 4.2.1.8)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon LBP7010C/7018C
Canon MP Navigator EX 4.0
CanoScan LiDE 110 Scanner Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Curse Client (Version: 4.0.1.260)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
dakota.ag (Version: 5.0.0.0)
DivX-Setup (Version: 2.6.1.24)
DragonCastle (Version: 1.0)
Dropbox (Version: 2.0.22)
ElsterFormular (Version: 14.3.20130522)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FLAC To MP3 V4.0.4
Free FLV Converter V 7.5.0 (Version: 7.5.0.0)
Glary Utilities 2.55.0.1790 (Version: 2.55.0.1790)
Guard.ICQ
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP LJ300-400 color MFP M375-M475
HP LJ300-400 color MFP M375-M475 Fax (Version: 24.0.0.0)
HP LJ300-400 M375-M475 HP Scan (Version: 1.0.302.0)
HP Product Detection (Version: 11.14.0001)
HP Product FWUpdater (Version: 4.0.0.6579)
HP Unified IO (Version: 1.0.1.94)
HP Update (Version: 5.003.001.001)
hpbDSService (Version: 001.001.05133)
hpbM375M475DSService (Version: 001.001.05164)
HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (Version: 1.01.0000)
HPLJDXPHelper (Version: 020.021.004)
HPLJUTCore (Version: 1.02.0014)
HPLJUTM375-M475 (Version: 1.02.0013)
hppFaxDrvM375M475 (Version: 003.000.00002)
hppLaserJetService (Version: 009.022.00806)
hppM375_M475LaserJetService (Version: 005.020.00094)
hppSendFaxM375M475 (Version: 003.000.00002)
hppToolboxProxyM375 (Version: 020.021.004)
hpStatusAlerts (Version: 020.025.1119)
hpStatusAlertsM375_M475 (Version: 020.023.01805)
ICQ Sparberater (Version: 1.3.671)
ICQ7.7 (Version: 7.7)
ImagXpress (Version: 7.0.74.0)
InstanceFinder (Version: 020.021.004)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 13 (64-bit) (Version: 6.0.130)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexware Admintools Pro (Version: 11.50.00.0135)
Lexware financial office pro 2011 (Version: 11.50.00.0235)
Lexware financial office pro 2011 (Version: 11.63.00.0283)
Lexware Info Service (Version: 2.70.00.0081)
Lexware online banking (Version: 11.00.00.0039)
Lexware professional Datenbank 2011 (Version: 11.50.00.0148)
LJDXPHelperUI (Version: 020.021.004)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software-Treiberpaket (Version: 12.10.1110)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPhoneExplorer (Version: 1.8.4)
NCP Secure Entry Client (Version: 9.31 Build 104)
Nero 7 Premium (Version: 7.01.4068)
Nero ControlCenter (Version: 0.0.0.1)
Nero Disc Copy Gadget Help (Version: 2.0.0.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero Live Help (Version: 1.0.162.0)
neroxml (Version: 1.0.0)
Nexon Game Manager
OpenOffice.org 3.3 (Version: 3.3.9567)
Oracle VM VirtualBox 4.2.6 (Version: 4.2.6)
OutlookAddInNet3Setup (Version: 1.0.0)
Pandora's Box 2 (Version: 2.0.0.5)
PDF Settings CS5 (Version: 10.0)
PDF24 Creator 5.4.0
PDFCreator (Version: 1.5.0)
PokerStars.eu
PS3 Media Server (Version: 1.82.0)
QuickTime (Version: 7.74.80.86)
Samsung Kies (Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype� 6.5 (Version: 6.5.158)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
TeamViewer 8 (Version: 8.0.16642)
TERA (Version: 7)
ToolboxProxy (Version: 020.023.005)
tools-windows (Version: 8.8.2.703057)
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
Ultima Online 2D Client (Version: 5.0.9)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Vampire Editor
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vistaprint Fotob點her
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
VmciSockets (Version: 9.1.54.1)
VMware Player (Version: 4.0.3.29699)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows XP Mode (Version: 1.3.7600.16422)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8173.86 MB
Available physical RAM: 6153.54 MB
Total Pagefile: 16345.9 MB
Available Pagefile: 14252.22 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.13 MB

========================= Partitions: =====================================

1 Drive c: (C) (Fixed) (Total:449.66 GB) (Free:326.87 GB) NTFS
2 Drive d: (D) (Fixed) (Total:465.76 GB) (Free:152.29 GB) NTFS
5 Drive g: () (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT

========================= Users: ========================================

Benutzerkonten f乺 \\TERO

Administrator            ASPNET                   Gast                     
K.Badekow                
Der Befehl wurde erfolgreich ausgef乭rt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
         
Gruß Kay
__________________

Alt 02.07.2013, 13:37   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Zitat:
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
Nicht nett.

Dateien, wie Crack.exe, Keygen.exe oder Patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte.
Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf
Anleitung zum Neu aufsetzten
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.07.2013, 13:43   #5
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Das hat mir mein Kollege so eingestellt, weil er meinte, dass ich so sein InDesign nutzen könnte, dass ich im endeffekt nur einmal brauchte, weil ich die datei dann in pdf konvertieren konnte und das mir ausreichte.
Kann alles runter von mir aus


Alt 02.07.2013, 13:48   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Dann bitte alles von Adobe, was drauf ist, deinstallieren, und frische Logs.
__________________
--> Keine Internetverbindung

Alt 02.07.2013, 14:35   #7
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Code:
ATTFilter
SMiniToolBox by Farbar  Version: 16-06-2013
Ran by K.Badekow (administrator) on 02-07-2013 at 15:23:53
Running from "C:\Users\K.Badekow\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl攕ungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

	

       

========================= IP Configuration: ================================

VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
NCP Secure Client Virtual NDIS6 Adapter = LAN-Verbindung 2 (Hardware not present)
Atheros AR8151 PCI-E Gigabit Ethernet Controller = LAN-Verbindung (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="LAN-Verbindung 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.137.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.219.1 mask=255.255.255.0


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : Tero
   Prim剅es DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Broadcast
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein

Tunneladapter LAN-Verbindung* 3:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft-Teredo-Tunneling-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
Server:  UnKnown
Address:  127.0.0.1

Ping-Anforderung konnte Host "google.com" nicht finden. 歜erpr乫en Sie den Namen, und versuchen Sie es erneut.
Server:  UnKnown
Address:  127.0.0.1

Ping-Anforderung konnte Host "yahoo.com" nicht finden. 歜erpr乫en Sie den Namen, und versuchen Sie es erneut.

Ping wird ausgef乭rt f乺 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik f乺 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft-Teredo-Tunneling-Adapter
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
===========================================================================
St刵dige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
  1    306 ::1/128                  Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
===========================================================================
St刵dige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [63088] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)
x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [67184] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/02/2013 00:59:42 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (07/02/2013 00:43:07 PM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:02:53 AM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:00:43 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist f黵 "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/01/2013 10:52:22 AM) (Source: DCOM) (User: NT-AUTORIT腡)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORIT腡SYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/29/2013 10:50:05 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist f黵 "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/29/2013 10:05:44 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:03:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:23 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-02-20 19:22:40.185
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:40.162
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.487
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.466
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.657
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.635
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.729
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.708
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.706
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.686
  Description: Windows konnte die Abbildintegrit鋞 der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht 黚erpr黤en, weil der Dateihash nicht im System gefunden wurde. M鰃licherweise wurde durch eine k黵zlich durchgef黨rte Hardware- oder Software鋘derung eine falsch signierte oder besch鋎igte Datei oder eine Datei, bei der es sich um sch鋎liche Software aus einer unbekannten Quelle handelt, installiert.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
AviSynth 2.5
Bandicam (Version: 1.8.6.321)
Bandisoft MPEG-1 Decoder
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Browser-Plug-In f黵 BlackBerry App World (Version: 4.2.1.8)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon LBP7010C/7018C
Canon MP Navigator EX 4.0
CanoScan LiDE 110 Scanner Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Curse Client (Version: 4.0.1.260)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
dakota.ag (Version: 5.0.0.0)
DivX-Setup (Version: 2.6.1.24)
DragonCastle (Version: 1.0)
Dropbox (Version: 2.0.22)
ElsterFormular (Version: 14.3.20130522)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FLAC To MP3 V4.0.4
Free FLV Converter V 7.5.0 (Version: 7.5.0.0)
Glary Utilities 2.55.0.1790 (Version: 2.55.0.1790)
Guard.ICQ
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP LJ300-400 color MFP M375-M475
HP LJ300-400 color MFP M375-M475 Fax (Version: 24.0.0.0)
HP LJ300-400 M375-M475 HP Scan (Version: 1.0.302.0)
HP Product Detection (Version: 11.14.0001)
HP Product FWUpdater (Version: 4.0.0.6579)
HP Unified IO (Version: 1.0.1.94)
HP Update (Version: 5.003.001.001)
hpbDSService (Version: 001.001.05133)
hpbM375M475DSService (Version: 001.001.05164)
HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (Version: 1.01.0000)
HPLJDXPHelper (Version: 020.021.004)
HPLJUTCore (Version: 1.02.0014)
HPLJUTM375-M475 (Version: 1.02.0013)
hppFaxDrvM375M475 (Version: 003.000.00002)
hppLaserJetService (Version: 009.022.00806)
hppM375_M475LaserJetService (Version: 005.020.00094)
hppSendFaxM375M475 (Version: 003.000.00002)
hppToolboxProxyM375 (Version: 020.021.004)
hpStatusAlerts (Version: 020.025.1119)
hpStatusAlertsM375_M475 (Version: 020.023.01805)
ICQ Sparberater (Version: 1.3.671)
ICQ7.7 (Version: 7.7)
ImagXpress (Version: 7.0.74.0)
InstanceFinder (Version: 020.021.004)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 13 (64-bit) (Version: 6.0.130)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexware Admintools Pro (Version: 11.50.00.0135)
Lexware financial office pro 2011 (Version: 11.50.00.0235)
Lexware financial office pro 2011 (Version: 11.63.00.0283)
Lexware Info Service (Version: 2.70.00.0081)
Lexware online banking (Version: 11.00.00.0039)
Lexware professional Datenbank 2011 (Version: 11.50.00.0148)
LJDXPHelperUI (Version: 020.021.004)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software-Treiberpaket (Version: 12.10.1110)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPhoneExplorer (Version: 1.8.4)
NCP Secure Entry Client (Version: 9.31 Build 104)
Nero 7 Premium (Version: 7.01.4068)
Nero ControlCenter (Version: 0.0.0.1)
Nero Disc Copy Gadget Help (Version: 2.0.0.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero Live Help (Version: 1.0.162.0)
neroxml (Version: 1.0.0)
Nexon Game Manager
OpenOffice.org 3.3 (Version: 3.3.9567)
Oracle VM VirtualBox 4.2.6 (Version: 4.2.6)
OutlookAddInNet3Setup (Version: 1.0.0)
Pandora's Box 2 (Version: 2.0.0.5)
PDF24 Creator 5.4.0
PDFCreator (Version: 1.5.0)
PokerStars.eu
PS3 Media Server (Version: 1.82.0)
QuickTime (Version: 7.74.80.86)
Samsung Kies (Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype� 6.5 (Version: 6.5.158)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
TeamViewer 8 (Version: 8.0.16642)
TERA (Version: 7)
ToolboxProxy (Version: 020.023.005)
tools-windows (Version: 8.8.2.703057)
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
Ultima Online 2D Client (Version: 5.0.9)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Vampire Editor
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vistaprint Fotob點her
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
VmciSockets (Version: 9.1.54.1)
VMware Player (Version: 4.0.3.29699)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows XP Mode (Version: 1.3.7600.16422)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 8173.86 MB
Available physical RAM: 5816.93 MB
Total Pagefile: 16345.9 MB
Available Pagefile: 13868.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.12 MB

========================= Partitions: =====================================

1 Drive c: (C) (Fixed) (Total:449.66 GB) (Free:329.86 GB) NTFS
2 Drive d: (D) (Fixed) (Total:465.76 GB) (Free:156.44 GB) NTFS

========================= Users: ========================================

Benutzerkonten f乺 \\TERO

Administrator            ASPNET                   Gast                     
K.Badekow                
Der Befehl wurde erfolgreich ausgef乭rt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 03 (ATTENTION: FRST version is 21 days old)
Ran by K.Badekow (administrator) on 02-07-2013 15:27:55
Running from C:\Users\K.Badekow\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe
() C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNACBSWK.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [170496 2013-04-13] (Sun Microsystems, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [NcpBudgetGui] "C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe" -start [1001472 2013-01-07] (NCP engineering GmbH)
HKLM-x32\...\Run: [NcpPopup] "C:\Program Files (x86)\NCP\SecureClient\ncppopup.exe" noerrmsg [1011280 2012-03-20] (NCP engineering GmbH)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NcpRsuGui] "C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe" -gui [883792 2011-08-22] (NCP engineering GmbH)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\K.Badekow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\K.Badekow\AppData\Roaming\Mozilla\Firefox\Profiles\vmhd2vpj.default
FF SelectedSearchEngine: Search the web (Babylon)
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @rim.com/npappworld - C:\Program Files (x86)\Research In Motion Limited\Browser-Plug-In f�r BlackBerry App World\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Adobe InDesign\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-16] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Lexware_Professional_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2008-07-02] (iAnywhere Solutions, Inc.)
R2 ncpclcfg; C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe [139896 2012-07-12] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe [1650736 2013-01-16] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE [119808 2011-04-21] ()
R2 rwsrsu; C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe [883792 2011-08-22] (NCP engineering GmbH)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-17] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [75888 2010-09-27] (Atheros Communications, Inc.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 15:04 - 2013-06-11 20:06 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:23 - 2013-07-02 15:25 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 13:22 - 2013-07-02 15:26 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-06-29 22:04 - 2013-06-29 22:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:56 - 2013-06-29 20:57 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-27 21:03 - 2013-06-27 21:05 - 00000000 ____D C:\tmp
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:22 - 2013-06-26 08:25 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:51 - 2013-06-24 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 10:35 - 2013-06-20 10:36 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-15 22:23 - 2013-06-15 22:24 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 15:06 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:06 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:06 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:06 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:06 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:01 - 2013-06-14 22:02 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:34 - 2013-06-12 08:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:53 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-11 22:53 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-11 22:53 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 22:53 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-11 19:32 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 19:32 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 19:32 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 19:32 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 19:32 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 19:32 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 19:32 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 19:31 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 19:31 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-05 06:24 - 2012-10-17 16:37 - 00397312 ____A (Koyote Soft) C:\Windows\SysWOW64\TubeFinder.exe
2013-06-05 06:24 - 2011-09-28 09:18 - 00364544 ____A C:\Windows\SysWOW64\PropertyGrid.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00208500 ____A C:\Windows\SysWOW64\ReyXpBasics.tlb
2013-06-05 06:24 - 2011-09-28 09:18 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00084512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00024576 ____A C:\Windows\SysWOW64\ControlSubX.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:10 - 2013-06-02 21:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== One Month Modified Files and Folders =======

2013-07-02 15:26 - 2013-07-02 13:22 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 15:25 - 2013-07-02 13:23 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 15:22 - 2012-02-16 21:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-02 15:17 - 2012-08-04 09:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 15:14 - 2012-02-16 10:29 - 01971644 ____A C:\Windows\WindowsUpdate.log
2013-07-02 14:09 - 2012-02-16 20:30 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Adobe
2013-07-02 14:08 - 2012-05-15 20:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-02 14:08 - 2012-02-16 21:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 13:20 - 2013-02-01 12:09 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Dropbox
2013-07-02 13:06 - 2012-02-19 13:20 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\Adobe
2013-07-02 13:05 - 2011-04-12 09:43 - 00713452 ____A C:\Windows\System32\perfh007.dat
2013-07-02 13:05 - 2011-04-12 09:43 - 00156276 ____A C:\Windows\System32\perfc007.dat
2013-07-02 13:05 - 2009-07-14 07:13 - 01659940 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 13:04 - 2013-04-18 18:37 - 00000000 ____D C:\Users\K.Badekow\Documents\Handelsgesellschaft Badekow
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:47 - 2012-02-16 21:41 - 00000000 ____D C:\ProgramData\MFAData
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-02 12:42 - 2013-05-02 23:57 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-07-02 12:42 - 2013-01-19 15:23 - 00000431 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-02 12:42 - 2012-05-17 12:45 - 00000000 ____D C:\ProgramData\VMware
2013-07-02 12:41 - 2012-01-10 21:14 - 00094668 ____A C:\Windows\setupact.log
2013-07-02 12:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-07-01 11:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-29 22:05 - 2013-06-29 22:04 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:19 - 2012-05-18 22:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:57 - 2013-06-29 20:56 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 20:56 - 2012-10-02 09:22 - 593580212 ____A C:\Windows\MEMORY.DMP
2013-06-29 20:56 - 2012-10-02 09:22 - 00000000 ____D C:\Windows\Minidump
2013-06-29 20:53 - 2012-05-17 13:17 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VMware
2013-06-29 20:50 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-29 20:47 - 2012-05-17 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\VMware
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-28 01:48 - 2012-03-11 15:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Skype
2013-06-27 22:31 - 2013-01-30 19:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-27 22:31 - 2012-03-11 15:27 - 00000000 ____D C:\ProgramData\Skype
2013-06-27 21:59 - 2012-02-17 03:00 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\vlc
2013-06-27 21:05 - 2013-06-27 21:03 - 00000000 ____D C:\tmp
2013-06-27 21:03 - 2012-02-16 10:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VirtualStore
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 19:12 - 2013-04-27 12:49 - 00001992 ___AH C:\Users\K.Badekow\Documents\Default.rdp
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-27 10:30 - 2013-05-31 20:43 - 00010304 ____A C:\Users\K.Badekow\Desktop\mtl.ods
2013-06-26 14:11 - 2012-12-02 15:54 - 00068376 ____A C:\Users\K.Badekow\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 14:09 - 2013-02-09 22:44 - 00000000 ____D C:\Users\K.Badekow\Documents\Rudeloff
2013-06-26 14:05 - 2009-07-14 06:45 - 04930256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 11:59 - 2013-01-30 19:20 - 00000000 ____D C:\Users\K.Badekow\Documents\Betriebswirt
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:37 - 2012-02-16 10:36 - 00000000 ____D C:\users\K.Badekow
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:25 - 2013-06-26 08:22 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:52 - 2013-06-24 12:51 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 11:39 - 2012-02-16 21:43 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-24 11:39 - 2012-02-16 20:50 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 19:11 - 2013-04-19 22:50 - 00022318 ____A C:\Users\K.Badekow\Documents\Zeugnis Badekow2.odt
2013-06-20 10:36 - 2013-06-20 10:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-17 13:50 - 2010-11-21 05:47 - 00132972 ____A C:\Windows\PFRO.log
2013-06-15 22:24 - 2013-06-15 22:23 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 22:24 - 2012-02-16 20:28 - 00000000 ____D C:\Users\K.Badekow\.dvdcss
2013-06-15 11:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:02 - 2013-06-14 22:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:35 - 2013-06-12 08:34 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:54 - 2012-01-10 20:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 22:00 - 2012-12-13 21:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\PokerStars.EU
2013-06-11 21:17 - 2012-04-05 22:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 21:17 - 2012-02-16 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 20:06 - 2013-07-02 15:04 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-08 16:08 - 2013-06-15 15:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 15:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 15:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-04 17:41 - 2013-04-09 20:59 - 00000000 ____D C:\ProgramData\Lexware
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:11 - 2013-06-02 21:10 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 20:36

==================== End Of Log ============================
         
Code:
ATTFilter
Farbar Service Scanner Version: 27-06-2013
Ran by K.Badekow (administrator) on 02-07-2013 at 15:25:57
Running from "C:\Users\K.Badekow\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 03 (ATTENTION: FRST version is 21 days old)
Ran by K.Badekow (administrator) on 02-07-2013 15:27:55
Running from C:\Users\K.Badekow\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe
() C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNACBSWK.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [170496 2013-04-13] (Sun Microsystems, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [NcpBudgetGui] "C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe" -start [1001472 2013-01-07] (NCP engineering GmbH)
HKLM-x32\...\Run: [NcpPopup] "C:\Program Files (x86)\NCP\SecureClient\ncppopup.exe" noerrmsg [1011280 2012-03-20] (NCP engineering GmbH)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NcpRsuGui] "C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe" -gui [883792 2011-08-22] (NCP engineering GmbH)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\K.Badekow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\K.Badekow\AppData\Roaming\Mozilla\Firefox\Profiles\vmhd2vpj.default
FF SelectedSearchEngine: Search the web (Babylon)
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @rim.com/npappworld - C:\Program Files (x86)\Research In Motion Limited\Browser-Plug-In f�r BlackBerry App World\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Adobe InDesign\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-16] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Lexware_Professional_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2008-07-02] (iAnywhere Solutions, Inc.)
R2 ncpclcfg; C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe [139896 2012-07-12] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe [1650736 2013-01-16] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE [119808 2011-04-21] ()
R2 rwsrsu; C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe [883792 2011-08-22] (NCP engineering GmbH)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-17] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [75888 2010-09-27] (Atheros Communications, Inc.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 15:04 - 2013-06-11 20:06 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:23 - 2013-07-02 15:25 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 13:22 - 2013-07-02 15:26 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-06-29 22:04 - 2013-06-29 22:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:56 - 2013-06-29 20:57 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-27 21:03 - 2013-06-27 21:05 - 00000000 ____D C:\tmp
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:22 - 2013-06-26 08:25 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:51 - 2013-06-24 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 10:35 - 2013-06-20 10:36 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-15 22:23 - 2013-06-15 22:24 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 15:06 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:06 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:06 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:06 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:06 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:01 - 2013-06-14 22:02 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:34 - 2013-06-12 08:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:53 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-11 22:53 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-11 22:53 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 22:53 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-11 19:32 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 19:32 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 19:32 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 19:32 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 19:32 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 19:32 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 19:32 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 19:31 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 19:31 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-05 06:24 - 2012-10-17 16:37 - 00397312 ____A (Koyote Soft) C:\Windows\SysWOW64\TubeFinder.exe
2013-06-05 06:24 - 2011-09-28 09:18 - 00364544 ____A C:\Windows\SysWOW64\PropertyGrid.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00208500 ____A C:\Windows\SysWOW64\ReyXpBasics.tlb
2013-06-05 06:24 - 2011-09-28 09:18 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00084512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00024576 ____A C:\Windows\SysWOW64\ControlSubX.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:10 - 2013-06-02 21:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== One Month Modified Files and Folders =======

2013-07-02 15:26 - 2013-07-02 13:22 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 15:25 - 2013-07-02 13:23 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 15:22 - 2012-02-16 21:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-02 15:17 - 2012-08-04 09:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 15:14 - 2012-02-16 10:29 - 01971644 ____A C:\Windows\WindowsUpdate.log
2013-07-02 14:09 - 2012-02-16 20:30 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Adobe
2013-07-02 14:08 - 2012-05-15 20:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-02 14:08 - 2012-02-16 21:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 13:20 - 2013-02-01 12:09 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Dropbox
2013-07-02 13:06 - 2012-02-19 13:20 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\Adobe
2013-07-02 13:05 - 2011-04-12 09:43 - 00713452 ____A C:\Windows\System32\perfh007.dat
2013-07-02 13:05 - 2011-04-12 09:43 - 00156276 ____A C:\Windows\System32\perfc007.dat
2013-07-02 13:05 - 2009-07-14 07:13 - 01659940 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 13:04 - 2013-04-18 18:37 - 00000000 ____D C:\Users\K.Badekow\Documents\Handelsgesellschaft Badekow
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:47 - 2012-02-16 21:41 - 00000000 ____D C:\ProgramData\MFAData
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-02 12:42 - 2013-05-02 23:57 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-07-02 12:42 - 2013-01-19 15:23 - 00000431 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-02 12:42 - 2012-05-17 12:45 - 00000000 ____D C:\ProgramData\VMware
2013-07-02 12:41 - 2012-01-10 21:14 - 00094668 ____A C:\Windows\setupact.log
2013-07-02 12:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-07-01 11:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-29 22:05 - 2013-06-29 22:04 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:19 - 2012-05-18 22:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:57 - 2013-06-29 20:56 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 20:56 - 2012-10-02 09:22 - 593580212 ____A C:\Windows\MEMORY.DMP
2013-06-29 20:56 - 2012-10-02 09:22 - 00000000 ____D C:\Windows\Minidump
2013-06-29 20:53 - 2012-05-17 13:17 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VMware
2013-06-29 20:50 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-29 20:47 - 2012-05-17 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\VMware
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-28 01:48 - 2012-03-11 15:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Skype
2013-06-27 22:31 - 2013-01-30 19:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-27 22:31 - 2012-03-11 15:27 - 00000000 ____D C:\ProgramData\Skype
2013-06-27 21:59 - 2012-02-17 03:00 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\vlc
2013-06-27 21:05 - 2013-06-27 21:03 - 00000000 ____D C:\tmp
2013-06-27 21:03 - 2012-02-16 10:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VirtualStore
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 19:12 - 2013-04-27 12:49 - 00001992 ___AH C:\Users\K.Badekow\Documents\Default.rdp
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-27 10:30 - 2013-05-31 20:43 - 00010304 ____A C:\Users\K.Badekow\Desktop\mtl.ods
2013-06-26 14:11 - 2012-12-02 15:54 - 00068376 ____A C:\Users\K.Badekow\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 14:09 - 2013-02-09 22:44 - 00000000 ____D C:\Users\K.Badekow\Documents\Rudeloff
2013-06-26 14:05 - 2009-07-14 06:45 - 04930256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 11:59 - 2013-01-30 19:20 - 00000000 ____D C:\Users\K.Badekow\Documents\Betriebswirt
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:37 - 2012-02-16 10:36 - 00000000 ____D C:\users\K.Badekow
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:25 - 2013-06-26 08:22 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:52 - 2013-06-24 12:51 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 11:39 - 2012-02-16 21:43 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-24 11:39 - 2012-02-16 20:50 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 19:11 - 2013-04-19 22:50 - 00022318 ____A C:\Users\K.Badekow\Documents\Zeugnis Badekow2.odt
2013-06-20 10:36 - 2013-06-20 10:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-17 13:50 - 2010-11-21 05:47 - 00132972 ____A C:\Windows\PFRO.log
2013-06-15 22:24 - 2013-06-15 22:23 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 22:24 - 2012-02-16 20:28 - 00000000 ____D C:\Users\K.Badekow\.dvdcss
2013-06-15 11:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:02 - 2013-06-14 22:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:35 - 2013-06-12 08:34 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:54 - 2012-01-10 20:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 22:00 - 2012-12-13 21:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\PokerStars.EU
2013-06-11 21:17 - 2012-04-05 22:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 21:17 - 2012-02-16 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 20:06 - 2013-07-02 15:04 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-08 16:08 - 2013-06-15 15:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 15:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 15:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-04 17:41 - 2013-04-09 20:59 - 00000000 ____D C:\ProgramData\Lexware
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:11 - 2013-06-02 21:10 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 20:36

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 02.07.2013, 14:45   #8
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 03 (ATTENTION: FRST version is 21 days old)
Ran by K.Badekow (administrator) on 02-07-2013 15:27:55
Running from C:\Users\K.Badekow\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe
() C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNACBSWK.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe
(NCP engineering GmbH) C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [170496 2013-04-13] (Sun Microsystems, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [NcpBudgetGui] "C:\Program Files (x86)\NCP\SecureClient\NcpBudgetGui.exe" -start [1001472 2013-01-07] (NCP engineering GmbH)
HKLM-x32\...\Run: [NcpPopup] "C:\Program Files (x86)\NCP\SecureClient\ncppopup.exe" noerrmsg [1011280 2012-03-20] (NCP engineering GmbH)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NcpRsuGui] "C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe" -gui [883792 2011-08-22] (NCP engineering GmbH)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\K.Badekow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=101012_24_4112_6&babsrc=SP_ss&mntrId=926aa9df00000000000074de2bad3d8f
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\K.Badekow\AppData\Roaming\Mozilla\Firefox\Profiles\vmhd2vpj.default
FF SelectedSearchEngine: Search the web (Babylon)
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @rim.com/npappworld - C:\Program Files (x86)\Research In Motion Limited\Browser-Plug-In f�r BlackBerry App World\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - D:\Adobe InDesign\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-16] ()
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Lexware_Professional_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2008-07-02] (iAnywhere Solutions, Inc.)
R2 ncpclcfg; C:\Program Files (x86)\NCP\SecureClient\ncpclcfg.exe [139896 2012-07-12] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files (x86)\NCP\SecureClient\ncprwsnt.exe [1650736 2013-01-16] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files (x86)\NCP\SecureClient\NCPSEC.EXE [119808 2011-04-21] ()
R2 rwsrsu; C:\Program Files (x86)\NCP\SecureClient\rwsrsu.exe [883792 2011-08-22] (NCP engineering GmbH)
S3 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-17] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [75888 2010-09-27] (Atheros Communications, Inc.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [102800 2013-01-16] (NCP Engineering GmbH)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 15:04 - 2013-06-11 20:06 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:23 - 2013-07-02 15:25 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 13:22 - 2013-07-02 15:26 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-06-29 22:04 - 2013-06-29 22:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:56 - 2013-06-29 20:57 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-27 21:03 - 2013-06-27 21:05 - 00000000 ____D C:\tmp
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:22 - 2013-06-26 08:25 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:51 - 2013-06-24 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 10:35 - 2013-06-20 10:36 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-15 22:23 - 2013-06-15 22:24 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 15:06 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:06 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:06 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:06 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:06 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:06 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:06 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:01 - 2013-06-14 22:02 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:34 - 2013-06-12 08:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:53 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-11 22:53 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-11 22:53 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-11 22:53 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-11 22:53 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 22:53 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-11 19:32 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 19:32 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 19:32 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 19:32 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 19:32 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 19:32 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 19:32 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 19:31 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 19:31 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 19:31 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 19:31 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 19:31 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-05 06:24 - 2012-10-17 16:37 - 00397312 ____A (Koyote Soft) C:\Windows\SysWOW64\TubeFinder.exe
2013-06-05 06:24 - 2011-09-28 09:18 - 00364544 ____A C:\Windows\SysWOW64\PropertyGrid.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00208500 ____A C:\Windows\SysWOW64\ReyXpBasics.tlb
2013-06-05 06:24 - 2011-09-28 09:18 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00084512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2013-06-05 06:24 - 2011-09-28 09:18 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-05 06:24 - 2011-09-28 09:18 - 00024576 ____A C:\Windows\SysWOW64\ControlSubX.ocx
2013-06-05 06:24 - 2011-09-28 09:18 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:10 - 2013-06-02 21:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== One Month Modified Files and Folders =======

2013-07-02 15:26 - 2013-07-02 13:22 - 00002589 ____A C:\Users\K.Badekow\Desktop\FSS.txt
2013-07-02 15:25 - 2013-07-02 13:23 - 00030269 ____A C:\Users\K.Badekow\Desktop\Result.txt
2013-07-02 15:22 - 2012-02-16 21:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-02 15:17 - 2012-08-04 09:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 15:14 - 2012-02-16 10:29 - 01971644 ____A C:\Windows\WindowsUpdate.log
2013-07-02 14:09 - 2012-02-16 20:30 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Adobe
2013-07-02 14:08 - 2012-05-15 20:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-02 14:08 - 2012-02-16 21:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-02 13:37 - 2013-07-02 13:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{94ABE251-66B6-4307-80C6-0878C0056413}
2013-07-02 13:20 - 2013-07-02 13:20 - 00760775 ____A (Farbar) C:\Users\K.Badekow\Desktop\MiniToolBox.exe
2013-07-02 13:20 - 2013-07-02 13:20 - 00356397 ____A (Farbar) C:\Users\K.Badekow\Desktop\FSS.exe
2013-07-02 13:20 - 2013-02-01 12:09 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Dropbox
2013-07-02 13:06 - 2012-02-19 13:20 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\Adobe
2013-07-02 13:05 - 2011-04-12 09:43 - 00713452 ____A C:\Windows\System32\perfh007.dat
2013-07-02 13:05 - 2011-04-12 09:43 - 00156276 ____A C:\Windows\System32\perfc007.dat
2013-07-02 13:05 - 2009-07-14 07:13 - 01659940 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 13:04 - 2013-04-18 18:37 - 00000000 ____D C:\Users\K.Badekow\Documents\Handelsgesellschaft Badekow
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:49 - 2009-07-14 06:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:47 - 2012-02-16 21:41 - 00000000 ____D C:\ProgramData\MFAData
2013-07-02 12:43 - 2013-07-02 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{E6CEFBA5-0C25-4095-B20F-13B3072B6995}
2013-07-02 12:42 - 2013-05-02 23:57 - 00000334 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-07-02 12:42 - 2013-01-19 15:23 - 00000431 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-02 12:42 - 2012-05-17 12:45 - 00000000 ____D C:\ProgramData\VMware
2013-07-02 12:41 - 2012-01-10 21:14 - 00094668 ____A C:\Windows\setupact.log
2013-07-02 12:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Windows\erdnt
2013-07-01 11:19 - 2013-07-01 11:19 - 00000000 ____D C:\Qoobox
2013-07-01 11:05 - 2013-07-01 11:05 - 00000000 ____D C:\FRST
2013-07-01 11:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-29 22:05 - 2013-06-29 22:04 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4105C62B-65D6-414B-B50A-B543148C4F2E}
2013-06-29 21:19 - 2012-05-18 22:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-06-29 21:08 - 2013-06-29 21:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{754EBE3D-CD32-4C44-A42D-18006450009A}
2013-06-29 20:57 - 2013-06-29 20:56 - 00276088 ____A C:\Windows\Minidump\062913-37393-01.dmp
2013-06-29 20:56 - 2012-10-02 09:22 - 593580212 ____A C:\Windows\MEMORY.DMP
2013-06-29 20:56 - 2012-10-02 09:22 - 00000000 ____D C:\Windows\Minidump
2013-06-29 20:53 - 2012-05-17 13:17 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VMware
2013-06-29 20:50 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-29 20:47 - 2012-05-17 12:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\VMware
2013-06-29 09:08 - 2013-06-29 09:08 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{F520A111-6D29-4EFD-863A-69C3ADEC4DDA}
2013-06-28 11:14 - 2013-06-28 11:14 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{9F928144-95BF-4577-8C67-EFF672D1F808}
2013-06-28 01:48 - 2012-03-11 15:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\Skype
2013-06-27 22:31 - 2013-01-30 19:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-27 22:31 - 2012-03-11 15:27 - 00000000 ____D C:\ProgramData\Skype
2013-06-27 21:59 - 2012-02-17 03:00 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\vlc
2013-06-27 21:05 - 2013-06-27 21:03 - 00000000 ____D C:\tmp
2013-06-27 21:03 - 2012-02-16 10:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\VirtualStore
2013-06-27 20:59 - 2013-06-27 20:59 - 00000561 ____A C:\Users\Public\Desktop\FLAC To MP3.lnk
2013-06-27 19:12 - 2013-04-27 12:49 - 00001992 ___AH C:\Users\K.Badekow\Documents\Default.rdp
2013-06-27 17:27 - 2013-06-27 17:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{56D12B53-1636-45D7-B134-6BB274AD6F76}
2013-06-27 10:30 - 2013-05-31 20:43 - 00010304 ____A C:\Users\K.Badekow\Desktop\mtl.ods
2013-06-26 14:11 - 2012-12-02 15:54 - 00068376 ____A C:\Users\K.Badekow\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-26 14:09 - 2013-02-09 22:44 - 00000000 ____D C:\Users\K.Badekow\Documents\Rudeloff
2013-06-26 14:05 - 2009-07-14 06:45 - 04930256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-26 12:06 - 2013-06-26 12:06 - 00001550 ____A C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-06-26 11:59 - 2013-01-30 19:20 - 00000000 ____D C:\Users\K.Badekow\Documents\Betriebswirt
2013-06-26 09:58 - 2013-06-26 09:58 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 09:37 - 2013-06-26 09:37 - 00000000 ____D C:\Users\K.Badekow\.android
2013-06-26 09:37 - 2012-02-16 10:36 - 00000000 ____D C:\users\K.Badekow
2013-06-26 09:35 - 2013-06-26 09:35 - 00007334 ____A C:\Users\K.Badekow\Desktop\OpenDocument Text (neu).odt
2013-06-26 08:25 - 2013-06-26 08:22 - 00000000 ____D C:\Users\K.Badekow\Documents\Songtexte
2013-06-26 08:22 - 2013-06-26 08:22 - 00003498 ____A C:\Users\K.Badekow\Desktop\Projektarbeit.lnk
2013-06-26 08:11 - 2013-06-26 08:11 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{128BC551-4EE5-4B69-955E-030FE2EE38CC}
2013-06-25 18:47 - 2013-06-25 18:47 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{4717120F-BF25-477D-9049-681B5FA7F326}
2013-06-24 13:12 - 2013-06-24 13:12 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\TERA
2013-06-24 12:52 - 2013-06-24 12:51 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{65E7A4AF-91BF-491E-A875-EA44802BA86C}
2013-06-24 11:39 - 2013-06-24 11:39 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 11:39 - 2013-06-24 11:39 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 11:39 - 2012-02-16 21:43 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-24 11:39 - 2012-02-16 20:50 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 12:43 - 2013-06-22 12:43 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2ECB220E-1744-472E-B0E9-F3D2B33C6B29}
2013-06-21 13:28 - 2013-06-21 13:28 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2A6B4077-791F-44FE-B554-464D24DE1A50}
2013-06-20 19:11 - 2013-04-19 22:50 - 00022318 ____A C:\Users\K.Badekow\Documents\Zeugnis Badekow2.odt
2013-06-20 10:36 - 2013-06-20 10:35 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7B35B0F4-B460-4D27-ADBF-2B7607A477A0}
2013-06-19 18:49 - 2013-06-19 18:49 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D2CF201F-47E1-46D0-9AB7-307303E5B4DB}
2013-06-18 11:27 - 2013-06-18 11:27 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{A6CBDF6B-B792-4F31-BC5F-491FF9699B57}
2013-06-17 15:26 - 2013-06-17 15:26 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{2535FBC9-68F1-4230-A1D3-30148137CA25}
2013-06-17 13:50 - 2010-11-21 05:47 - 00132972 ____A C:\Windows\PFRO.log
2013-06-15 22:24 - 2013-06-15 22:23 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-06-15 22:24 - 2012-02-16 20:28 - 00000000 ____D C:\Users\K.Badekow\.dvdcss
2013-06-15 11:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-15 11:05 - 2013-06-15 11:05 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{CF1E691A-FB33-45B6-BCDD-8433F62DA873}
2013-06-14 22:02 - 2013-06-14 22:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{D6510E01-74D2-42BA-BB76-A5C8D525B3F2}
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{8469943F-2959-42B5-93AF-45716B3B09B9}
2013-06-12 08:35 - 2013-06-12 08:34 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7882D4C6-F219-4280-90FF-AAE445BD7B45}
2013-06-11 22:54 - 2012-01-10 20:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 22:00 - 2012-12-13 21:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\PokerStars.EU
2013-06-11 21:17 - 2012-04-05 22:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 21:17 - 2012-02-16 20:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 20:06 - 2013-07-02 15:04 - 01920158 ____A (Farbar) C:\Users\K.Badekow\Desktop\FRST64.exe
2013-06-11 19:52 - 2013-06-11 19:52 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{FA625A9A-EB29-492B-8508-32FEE2B4D531}
2013-06-09 21:01 - 2013-06-09 21:01 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{3C1934F7-C6DF-49B3-BDAD-6A151B7341FA}
2013-06-08 16:08 - 2013-06-15 15:06 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 15:06 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 15:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 15:06 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 15:06 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 15:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 17:33 - 2013-06-07 17:33 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{BC0028D6-5C2A-45A7-82B2-A8D929F7FFE9}
2013-06-06 21:37 - 2013-06-06 21:37 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{448FE722-BA76-40B6-A6B9-044096689F8D}
2013-06-06 08:53 - 2013-06-06 08:53 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{EA4EC261-94DA-4147-9A9F-814BD04620DE}
2013-06-05 06:24 - 2013-06-05 06:24 - 00001149 ____A C:\Users\K.Badekow\Desktop\Free FLV Converter.lnk
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 06:24 - 2013-06-05 06:24 - 00000000 ____D C:\Program Files (x86)\Free FLV Converter
2013-06-04 17:41 - 2013-04-09 20:59 - 00000000 ____D C:\ProgramData\Lexware
2013-06-04 17:13 - 2013-06-04 17:13 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{1A583EA5-E510-437D-AF08-DBAF5868DF17}
2013-06-03 18:45 - 2013-06-03 18:45 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{33FE1A42-0519-4B1F-997C-500E38842510}
2013-06-02 21:11 - 2013-06-02 21:10 - 00000000 ____D C:\Users\K.Badekow\AppData\Local\{7F07F3D4-79CC-439B-BEDE-E8941DA407A3}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 20:36

==================== End Of Log ============================
         
--- --- ---

Alt 02.07.2013, 16:37   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Additional.txt fehlt noch

Windows-Taste +R, schreibe

ipconfig /flushdns
ipconfig /release
ipconfig /renew

nach jeder Zeile Enter. Reboot. Lan checken.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.07.2013, 16:44   #10
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2013 03
Ran by K.Badekow at 2013-07-02 17:39:40 Run:
Running from C:\Users\K.Badekow\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 8.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3345)
AVG 2013 (Version: 2013.0.3345)
AviSynth 2.5
Bandicam (Version: 1.8.6.321)
Bandisoft MPEG-1 Decoder
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Browser-Plug-In für BlackBerry App World (Version: 4.2.1.8)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon LBP7010C/7018C
Canon MP Navigator EX 4.0
CanoScan LiDE 110 Scanner Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
Curse Client (Version: 4.0.1.260)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
dakota.ag (Version: 5.0.0.0)
DivX-Setup (Version: 2.6.1.24)
DragonCastle (Version: 1.0)
Dropbox (Version: 2.0.22)
ElsterFormular (Version: 14.3.20130522)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FLAC To MP3 V4.0.4
Free FLV Converter V 7.5.0 (Version: 7.5.0.0)
Glary Utilities 2.55.0.1790 (Version: 2.55.0.1790)
Guard.ICQ
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP LJ300-400 color MFP M375-M475
HP LJ300-400 color MFP M375-M475 Fax (Version: 24.0.0.0)
HP LJ300-400 M375-M475 HP Scan (Version: 1.0.302.0)
HP Product Detection (Version: 11.14.0001)
HP Product FWUpdater (Version: 4.0.0.6579)
HP Unified IO (Version: 1.0.1.94)
HP Update (Version: 5.003.001.001)
hpbDSService (Version: 001.001.05133)
hpbM375M475DSService (Version: 001.001.05164)
HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (Version: 1.01.0000)
HPLJDXPHelper (Version: 020.021.004)
HPLJUTCore (Version: 1.02.0014)
HPLJUTM375-M475 (Version: 1.02.0013)
hppFaxDrvM375M475 (Version: 003.000.00002)
hppLaserJetService (Version: 009.022.00806)
hppM375_M475LaserJetService (Version: 005.020.00094)
hppSendFaxM375M475 (Version: 003.000.00002)
hppToolboxProxyM375 (Version: 020.021.004)
hpStatusAlerts (Version: 020.025.1119)
hpStatusAlertsM375_M475 (Version: 020.023.01805)
ICQ Sparberater (Version: 1.3.671)
ICQ7.7 (Version: 7.7)
ImagXpress (Version: 7.0.74.0)
InstanceFinder (Version: 020.021.004)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 13 (64-bit) (Version: 6.0.130)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexware Admintools Pro (Version: 11.50.00.0135)
Lexware financial office pro 2011 (Version: 11.50.00.0235)
Lexware financial office pro 2011 (Version: 11.63.00.0283)
Lexware Info Service (Version: 2.70.00.0081)
Lexware online banking (Version: 11.00.00.0039)
Lexware professional Datenbank 2011 (Version: 11.50.00.0148)
LJDXPHelperUI (Version: 020.021.004)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software-Treiberpaket (Version: 12.10.1110)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPhoneExplorer (Version: 1.8.4)
NCP Secure Entry Client (Version: 9.31 Build 104)
Nero 7 Premium (Version: 7.01.4068)
Nero ControlCenter (Version: 0.0.0.1)
Nero Disc Copy Gadget Help (Version: 2.0.0.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero Live Help (Version: 1.0.162.0)
neroxml (Version: 1.0.0)
Nexon Game Manager
OpenOffice.org 3.3 (Version: 3.3.9567)
Oracle VM VirtualBox 4.2.6 (Version: 4.2.6)
OutlookAddInNet3Setup (Version: 1.0.0)
Pandora's Box 2 (Version: 2.0.0.5)
PDF24 Creator 5.4.0
PDFCreator (Version: 1.5.0)
PokerStars.eu
PS3 Media Server (Version: 1.82.0)
QuickTime (Version: 7.74.80.86)
Samsung Kies (Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
Skype™ 6.5 (Version: 6.5.158)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
TeamViewer 8 (Version: 8.0.16642)
TERA (Version: 7)
ToolboxProxy (Version: 020.023.005)
tools-windows (Version: 8.8.2.703057)
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
Ultima Online 2D Client (Version: 5.0.9)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Vampire Editor
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vistaprint Fotobücher
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
VmciSockets (Version: 9.1.54.1)
VMware Player (Version: 4.0.3.29699)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows XP Mode (Version: 1.3.7600.16422)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)

==================== Restore Points  =========================

11-06-2013 20:52:30 Windows Update
15-06-2013 13:06:20 Windows Update
23-06-2013 18:43:19 Geplanter Prüfpunkt
24-06-2013 09:38:18 Installed Java 7 Update 25
26-06-2013 10:22:44 Windows Update
02-07-2013 12:56:35 Removed Adobe Media Player
02-07-2013 12:57:03 Removed Adobe® Content Viewer
02-07-2013 13:22:30 Removed Adobe Help Manager

==================== Hosts content: ==========================
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	#		

       
#	127.0.0.1       localhost


==================== Faulty Device Manager Devices =============

Name: NCP Secure Client Virtual NDIS6 Adapter
Description: NCP Secure Client Virtual NDIS6 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ncp
Service: ncplelhp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/02/2013 00:59:42 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (07/02/2013 00:43:07 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:02:53 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/01/2013 11:00:43 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/01/2013 10:52:22 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/29/2013 10:50:05 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/29/2013 10:05:44 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:03:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:30 PM) (Source: ipnathlp) (User: )
Description: 

Error: (06/29/2013 10:01:23 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/02/2013 00:43:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 11:03:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 10:52:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:58:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:08:27 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (06/29/2013 07:36:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 08:42:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 08:53:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2013 10:42:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 05:26:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-02-20 19:22:40.185
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:40.162
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.487
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:37.466
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.657
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:34.635
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.729
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:31.708
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.706
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-20 19:22:28.686
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8173.86 MB
Available physical RAM: 5955.08 MB
Total Pagefile: 16345.9 MB
Available Pagefile: 14148.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (C) (Fixed) (Total:449.66 GB) (Free:329.86 GB) NTFS (Disk=0 Partition=3)
Drive d: (D) (Fixed) (Total:465.76 GB) (Free:181.72 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6B355D14)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6B355D22)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Auch nach den durchgeführten ipconfigs keine Verbesserung.
WLAN geht nur bis eingeschränkt. Egal ob ich das wlan hier nehme, oder das wlan über die Tethering Funktion meines Handys

Alt 02.07.2013, 18:12   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2013, 08:19   #12
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Bevor ich Combofix ausführe habe ich was anderes noch festgestellt:
Beim Einstecken des USB kann man nicht mehr anklicken mit welchem Medium man diesen nun öffnen oder abspielen will.
Code:
ATTFilter
Der Datei ist kein Programm zum Ausführen dieser Aktion zugeordnet. Installieren Sie ein entsprechendes Programm,  oder erstellen Sie in der Systemsteuerung unter "Standartprogramme" eine Zuordnung,  wenn bereits ein Programm installiert ist.
         
Combofix fordert mich gerade auf datein zu löschen, die ich aber nicht sehen kann.
Edit: aso ne ich bin doof. Er löscht die selber -.-

Alt 03.07.2013, 08:22   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Was macht Combofix?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2013, 08:29   #14
Teronius
 
Keine Internetverbindung - Standard

Keine Internetverbindung



Code:
ATTFilter
ComboFix 13-07-02.03 - K.Badekow 03.07.2013   9:12.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8174.6529 [GMT 2:00]
ausgef�hrt von:: c:\users\K.Badekow\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: NCP Secure Entry Client *Disabled* {2E93E888-9DAC-5065-8626-9C7F7A0820C2}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere L�schungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\K.Badekow\AppData\Local\TempDIR
c:\users\K.Badekow\AppData\Local\TempDIR\BetterInstaller.exe
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-03 bis 2013-07-03  ))))))))))))))))))))))))))))))
.
.
2013-07-03 07:18 . 2013-07-03 07:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-01 09:05 . 2013-07-01 09:05	--------	d-----w-	C:\FRST
2013-06-27 19:03 . 2013-06-27 19:05	--------	d-----w-	C:\tmp
2013-06-26 07:58 . 2013-06-26 07:58	--------	d-----w-	c:\users\K.Badekow\AppData\Roaming\PDAppFlex
2013-06-26 07:37 . 2013-06-26 07:37	--------	d-----w-	c:\users\K.Badekow\.android
2013-06-24 11:12 . 2013-06-24 11:12	--------	d-----w-	c:\users\K.Badekow\AppData\Roaming\TERA
2013-06-24 09:39 . 2013-06-24 09:39	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-15 20:23 . 2013-06-15 20:24	--------	d-----w-	c:\program files (x86)\PS3 Media Server
2013-06-11 17:32 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-11 17:32 . 2013-04-26 05:51	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-06-11 17:32 . 2013-04-26 04:55	492544	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-06-11 17:32 . 2013-05-10 05:49	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-06-11 17:32 . 2013-05-10 03:20	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-06-11 17:32 . 2013-04-17 07:02	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2013-06-11 17:32 . 2013-04-17 06:24	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-06-11 17:31 . 2013-05-13 05:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-11 17:31 . 2013-05-13 05:51	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-06-11 17:31 . 2013-05-13 05:51	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-11 17:31 . 2013-05-13 05:50	52224	----a-w-	c:\windows\system32\certenc.dll
2013-06-11 17:31 . 2013-05-13 04:45	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-06-11 17:31 . 2013-05-13 04:45	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-06-11 17:31 . 2013-05-13 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-06-11 17:31 . 2013-05-13 03:43	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-06-11 17:31 . 2013-05-13 03:08	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-06-11 17:31 . 2013-05-13 03:08	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-06-11 17:31 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-06-11 17:31 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-06-05 04:24 . 2012-10-17 14:37	397312	----a-w-	c:\windows\SysWow64\TubeFinder.exe
2013-06-05 04:24 . 2013-06-05 04:24	--------	d-----w-	c:\users\K.Badekow\AppData\Roaming\FreeFLVConverter
2013-06-05 04:24 . 2011-09-28 07:18	9728	----a-w-	c:\windows\SysWow64\PCCLPFR.DLL
2013-06-05 04:24 . 2011-09-28 07:18	84512	----a-w-	c:\windows\SysWow64\PICCLP32.OCX
2013-06-05 04:24 . 2011-09-28 07:18	364544	----a-w-	c:\windows\SysWow64\PropertyGrid.ocx
2013-06-05 04:24 . 2011-09-28 07:18	32768	----a-w-	c:\windows\SysWow64\CMDLGFR.DLL
2013-06-05 04:24 . 2011-09-28 07:18	24576	----a-w-	c:\windows\SysWow64\ControlSubX.ocx
2013-06-05 04:24 . 2011-09-28 07:18	152848	----a-w-	c:\windows\SysWow64\COMDLG32.OCX
2013-06-05 04:24 . 2011-09-28 07:18	141312	----a-w-	c:\windows\SysWow64\MSCMCFR.DLL
2013-06-05 04:24 . 2011-09-28 07:18	119568	----a-w-	c:\windows\SysWow64\VB6FR.DLL
2013-06-05 04:24 . 2011-09-28 07:18	101888	----a-w-	c:\windows\SysWow64\VB6STKIT.DLL
2013-06-05 04:24 . 2013-06-05 04:24	--------	d-----w-	c:\program files (x86)\Free FLV Converter
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 09:39 . 2012-02-16 19:43	867240	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-06-24 09:39 . 2012-02-16 18:50	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-11 20:54 . 2012-01-10 18:35	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-11 19:17 . 2012-04-05 20:04	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 19:17 . 2012-02-16 18:30	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-25 19:44 . 2013-05-25 07:46	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0978923D-C8B1-4BB3-AB51-79F6BD5C6BEC}\offreg.dll
2013-05-13 23:48 . 2013-05-24 20:08	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0978923D-C8B1-4BB3-AB51-79F6BD5C6BEC}\mpengine.dll
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 14:21 . 2011-03-28 17:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2013-04-30 04:54 . 2013-04-30 04:54	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 04:54 . 2013-04-30 04:54	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-30 04:54 . 2013-04-30 04:54	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-30 04:54 . 2013-04-30 04:54	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-30 04:54 . 2013-04-30 04:54	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-30 04:54 . 2013-04-30 04:54	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-30 04:54 . 2013-04-30 04:54	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-30 04:54 . 2013-04-30 04:54	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 04:54 . 2013-04-30 04:54	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 04:54 . 2013-04-30 04:54	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-30 04:54 . 2013-04-30 04:54	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-30 04:54 . 2013-04-30 04:54	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-30 04:54 . 2013-04-30 04:54	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-30 04:54 . 2013-04-30 04:54	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-30 04:54 . 2013-04-30 04:54	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-30 04:54 . 2013-04-30 04:54	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 04:54 . 2013-04-30 04:54	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-30 04:54 . 2013-04-30 04:54	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-30 04:54 . 2013-04-30 04:54	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-30 04:54 . 2013-04-30 04:54	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-30 04:54 . 2013-04-30 04:54	441856	----a-w-	c:\windows\system32\html.iec
2013-04-30 04:54 . 2013-04-30 04:54	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-30 04:54 . 2013-04-30 04:54	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-30 04:54 . 2013-04-30 04:54	235008	----a-w-	c:\windows\system32\url.dll
2013-04-30 04:54 . 2013-04-30 04:54	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-30 04:54 . 2013-04-30 04:54	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-30 04:54 . 2013-04-30 04:54	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-30 04:54 . 2013-04-30 04:54	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-30 04:54 . 2013-04-30 04:54	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-30 04:54 . 2013-04-30 04:54	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-30 04:54 . 2013-04-30 04:54	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-30 04:54 . 2013-04-30 04:54	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-30 04:54 . 2013-04-30 04:54	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-30 04:54 . 2013-04-30 04:54	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-30 04:54 . 2013-04-30 04:54	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-30 04:54 . 2013-04-30 04:54	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-30 04:54 . 2013-04-30 04:54	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-30 04:54 . 2013-04-30 04:54	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 04:54 . 2013-04-30 04:54	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-30 04:54 . 2013-04-30 04:54	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-30 04:54 . 2013-04-30 04:54	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-30 04:54 . 2013-04-30 04:54	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-30 04:54 . 2013-04-30 04:54	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-30 04:54 . 2013-04-30 04:54	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-30 04:54 . 2013-04-30 04:54	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-30 04:54 . 2013-04-30 04:54	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-30 04:54 . 2013-04-30 04:54	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-30 04:54 . 2013-04-30 04:54	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-30 04:54 . 2013-04-30 04:54	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-30 04:53 . 2013-04-30 04:53	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-04-30 04:53 . 2013-04-30 04:53	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-04-30 04:53 . 2013-04-30 04:53	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-30 04:53 . 2013-04-30 04:53	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-04-30 04:53 . 2013-04-30 04:53	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-04-30 04:53 . 2013-04-30 04:53	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-04-30 04:53 . 2013-04-30 04:53	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-30 04:53 . 2013-04-30 04:53	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-04-30 04:53 . 2013-04-30 04:53	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-04-30 04:53 . 2013-04-30 04:53	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-04-30 04:53 . 2013-04-30 04:53	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-04-30 04:53 . 2013-04-30 04:53	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-04-30 04:53 . 2013-04-30 04:53	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-04-30 04:53 . 2013-04-30 04:53	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-04-30 04:53 . 2013-04-30 04:53	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-04-30 04:53 . 2013-04-30 04:53	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-04-30 04:53 . 2013-04-30 04:53	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-04-30 04:53 . 2013-04-30 04:53	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-04-30 04:53 . 2013-04-30 04:53	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-04-30 04:53 . 2013-04-30 04:53	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-04-30 04:53 . 2013-04-30 04:53	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-04-30 04:53 . 2013-04-30 04:53	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-04-30 04:53 . 2013-04-30 04:53	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintr�ge & legitime Standardeintr�ge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}]
2011-12-28 13:21	128064	----a-w-	c:\program files (x86)\icq\Internet Explorer\icq.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-03-20 162856]
"NcpBudgetGui"="c:\program files (x86)\NCP\SecureClient\NcpBudgetGui.exe" [2013-01-07 1001472]
"NcpPopup"="c:\program files (x86)\NCP\SecureClient\ncppopup.exe" [2012-03-20 1011280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"NcpRsuGui"="c:\program files (x86)\NCP\SecureClient\rwsrsu.exe" [2011-08-22 883792]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\K.Badekow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"RIMBBLaunchAgent.exe"=c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"NeroFilterCheck"=c:\program files (x86)\Common Files\Ahead\Lib\NeroCheck.exe
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NcpSec;NCP Client PKI Support;c:\program files (x86)\NCP\SecureClient\NCPSEC.EXE;c:\program files (x86)\NCP\SecureClient\NCPSEC.EXE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 ncpfilt;NCP Filter;c:\windows\system32\DRIVERS\ncplelhp.sys;c:\windows\SYSNATIVE\DRIVERS\ncplelhp.sys [x]
R3 ncplelhp;NCP Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys;c:\windows\SYSNATIVE\DRIVERS\ncplelhp.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 Lexware_Professional_Datenbank;Lexware Professional Datenbank;c:\program files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe;c:\program files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [x]
S2 ncpclcfg;NCP Client Configuration Support;c:\program files (x86)\NCP\SecureClient\ncpclcfg.exe;c:\program files (x86)\NCP\SecureClient\ncpclcfg.exe [x]
S2 ncprwsnt;NCP Client VPN und Dialing Service;c:\program files (x86)\NCP\SecureClient\ncprwsnt.exe;c:\program files (x86)\NCP\SecureClient\ncprwsnt.exe [x]
S2 rwsrsu;NCP Client Update Service;c:\program files (x86)\NCP\SecureClient\rwsrsu.exe;c:\program files (x86)\NCP\SecureClient\rwsrsu.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C60x64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 19:17]
.
2013-07-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-05-02 13:39]
.
2013-01-23 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-22 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\K.Badekow\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE" [2010-10-14 226784]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2013-04-13 170496]
.
------- Zus�tzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - d:\pokerstars\PokerStarsUpdate.exe
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\icq7.7\ICQ.exe
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\K.Badekow\AppData\Roaming\Mozilla\Firefox\Profiles\vmhd2vpj.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
.
- - - - Entfernte verwaiste Registrierungseintr�ge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-759156193-1707623112-1547535671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-759156193-1707623112-1547535671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-03  09:26:00
ComboFix-quarantined-files.txt  2013-07-03 07:26
.
Vor Suchlauf: 16 Verzeichnis(se), 354.189.877.248 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 354.846.056.448 Bytes frei
.
- - End Of File - - 3986C4AC0997E4CF509CAACE7CA92575
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 03.07.2013, 09:40   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Keine Internetverbindung - Standard

Keine Internetverbindung



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte. Was macht die Inet-Verbindung?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Keine Internetverbindung
administrator, adobe, adobe flash player, avg, browser, desktop, dll, download, explorer, farbar, farbar recovery scan tool, firefox, flash player, frst.txt, helper, html, koyote, microsoft, minidump, mozilla, pdf, registry, rundll, scan, search the web, services.exe, software, svchost.exe, system, winlogon.exe, wlan



Ähnliche Themen: Keine Internetverbindung


  1. Keine Internetverbindung
    Alles rund um Windows - 22.08.2015 (6)
  2. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  3. Keine Internetverbindung bei Kacheln Win 8.1
    Alles rund um Windows - 13.06.2014 (15)
  4. Trojaner (keine Internetverbindung)
    Log-Analyse und Auswertung - 15.09.2013 (3)
  5. keine Internetverbindung
    Alles rund um Windows - 21.08.2013 (29)
  6. keine internetverbindung über lan-kabel
    Alles rund um Windows - 06.08.2013 (3)
  7. Keine Internetverbindung
    Mülltonne - 02.07.2013 (0)
  8. GVU Trojaner (keine Internetverbindung)
    Log-Analyse und Auswertung - 20.05.2013 (25)
  9. Keine Internetverbindung
    Mülltonne - 18.10.2008 (3)
  10. Keine Internetverbindung mehr - die zweite
    Log-Analyse und Auswertung - 13.08.2008 (16)
  11. Keine Internetverbindung nach dem Booten
    Log-Analyse und Auswertung - 12.07.2008 (1)
  12. PC hat keine Internetverbindung mehr...
    Netzwerk und Hardware - 18.06.2008 (1)
  13. Keine Internetverbindung
    Alles rund um Windows - 11.11.2007 (6)
  14. Keine Internetverbindung (oder doch??!!)
    Plagegeister aller Art und deren Bekämpfung - 29.12.2005 (3)
  15. hilfe keine internetverbindung...
    Netzwerk und Hardware - 03.10.2005 (3)
  16. Keine Internetverbindung
    Plagegeister aller Art und deren Bekämpfung - 22.02.2005 (1)
  17. Nach Hijacking keine Internetverbindung
    Log-Analyse und Auswertung - 29.06.2004 (17)

Zum Thema Keine Internetverbindung - Hallo. Gerade macht mein eigener Laptop ein paar Probleme. Er verbindet sivh immer nur eingeschränkt mit dem wlan und überhäupt nicht über kabel. Code: Alles auswählen Aufklappen ATTFilter Scan result - Keine Internetverbindung...
Archiv
Du betrachtest: Keine Internetverbindung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.