
Plagegeister aller Art und deren Bekämpfung: The display driver was recovered after an error

Windows 7

04.07.2013, 09:14   #1
suvannapum56
 
To the Trojaner pros,
After a severe virus infection, my computer was got back up and running thanks to your professional help. Now, however, an error with the "display driver" shows up a few times every day, whatever that may mean. Each time, the monitor goes black for 1-2 seconds.
Thanks for your help and

kind regards

Anatol

04.07.2013, 09:41   #2
schrauber
/// the machine
/// TB instructor
 

Hi,

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

04.07.2013, 10:54   #3
suvannapum56
 
Hello Schrauber,
Many thanks for the once again prompt reply. Here are the requested logs.
Regards
Anatol


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Alfred (administrator) on 04-07-2013 11:43:14
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436224 2010-11-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2000-01-01] (Realtek Semiconductor)
HKCU\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [SAFE14 Browser Monitor] "C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe" [73216 2013-05-16] (Steganos Software GmbH)
HKCU\...\Run: [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun [6875136 2013-03-27] (FreeDownloadManager.ORG)
MountPoints2: J - J:\HPLauncher.exe
MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - J:\HPLauncher.exe
MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-01] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Steganos HotKeys] "C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe" [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] "C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe" [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot [295512 2013-07-01] (RealNetworks, Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\adblockpopups@jessehakanen.net
FF Extension: Ant Video Downloader - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\anttoolbar@ant.com
FF Extension: AtTask Notifier - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\waters@attask.com
FF Extension: WOT - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: client - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\client@anonymox.net.xpi
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: ffext_basicchromeext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\ffext_basicchromeext@startpage24.xpi
FF Extension: jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF Extension: onlinehdtv - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\onlinehdtv@onlinehd.tv.xpi
FF Extension: savedpasswordeditor - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: waters - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\waters@attask.com.xpi
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (Claro Search) - hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4412_5&babsrc=SP_clro&mntrId=54c653ba0000000000000800270058af
CHR DefaultSuggestURL: (Claro Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih\1.2_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2010-11-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [282616 2010-11-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [188928 2010-10-24] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [72064 2010-10-24] (Microsoft Corporation)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-04] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 11:42 - 2013-07-04 11:42 - 01934636 ____A (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2013-07-04 11:42 - 2013-07-04 11:42 - 00000000 ____D C:\FRST
2013-07-04 10:18 - 2013-07-04 10:18 - 00001923 ____A C:\Users\Alfred\Desktop\CheckDrive.lnk
2013-07-04 10:18 - 2013-07-04 10:18 - 00000290 ____A C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Users\Alfred\AppData\Local\Abelssoft
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 906428.crdownload
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 400646.crdownload
2013-07-03 17:48 - 2013-07-03 17:48 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 134248.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 36480.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 227743.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 164550.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 137318.crdownload
2013-07-03 17:44 - 2013-07-03 17:44 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 207392.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00057419 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 772565.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 678189.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 540075.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 21420.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 55379.crdownload
2013-07-03 14:08 - 2013-07-03 14:20 - 34237393 ____A C:\Users\Alfred\Downloads\LFPA_Xv1.zip
2013-07-03 09:43 - 2013-07-03 09:51 - 24293035 ____A C:\Users\Alfred\Downloads\F-16D_X-1.zip
2013-07-03 09:41 - 2013-07-03 09:44 - 08275871 ____A C:\Users\Alfred\Downloads\f16b_viper.zip
2013-07-03 09:30 - 2013-07-03 09:30 - 00000000 ____D C:\Users\Alfred\Downloads\LSGG_flatten_rwy27
2013-07-02 21:01 - 2013-07-02 21:01 - 00001180 ____A C:\Users\Alfred\Desktop\bkk mit OSLL - Verknüpfung.lnk
2013-07-02 18:45 - 2013-07-02 18:45 - 00000710 ____A C:\Users\Alfred\Desktop\PIX - Verknüpfung.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00001132 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-06-29 16:54 - 2013-06-29 16:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\OpenOffice.org
2013-06-29 16:51 - 2013-06-29 16:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-06-29 16:47 - 2013-06-29 16:47 - 00000702 ____A C:\Users\Alfred\Desktop\Downloads - Verknüpfung.lnk
2013-06-29 12:09 - 2013-06-29 12:09 - 00000000 ____D C:\ProgramData\Free Download Manager
2013-06-29 12:08 - 2013-07-04 10:17 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-06-29 12:08 - 2013-06-29 12:08 - 00001073 ____A C:\Users\Alfred\Desktop\Free Download Manager.lnk
2013-06-29 12:08 - 2013-06-29 12:08 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-06-29 12:05 - 2013-06-29 12:06 - 07696614 ____A (FreeDownloadManager.ORG                                     ) C:\Users\Alfred\Downloads\fdminst_3.9.2b1303.exe
2013-06-29 11:55 - 2013-06-29 11:55 - 00001242 ____A C:\Users\Alfred\Desktop\Paint.lnk
2013-06-29 11:54 - 2013-06-29 11:57 - 00000000 ____D C:\Users\Alfred\Desktop\DAILY
2013-06-28 10:04 - 2013-06-28 10:04 - 00000322 ____A C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job
2013-06-26 21:28 - 2013-06-26 21:28 - 00000327 ____A C:\Users\Alfred\Desktop\HP Druckerdiagnosetools.url
2013-06-26 17:15 - 2013-06-26 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 15:57 - 2013-06-26 15:57 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-26 15:55 - 2013-06-26 15:56 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup(1).exe
2013-06-25 22:27 - 2013-06-25 22:27 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER.DE.TOOLS
2013-06-25 17:54 - 2013-06-25 17:56 - 05799944 ____A (ParetoLogic, Inc.) C:\Users\Alfred\Downloads\RegCureProSetup_RW.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\ProgramData\Sun
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-25 17:37 - 2013-06-25 17:37 - 00903080 ____A (Oracle Corporation) C:\Users\Alfred\Downloads\jxpiinstall.exe
2013-06-25 17:25 - 2013-06-25 17:25 - 00001430 ____A C:\DelFix.txt
2013-06-25 17:25 - 2013-06-25 17:25 - 00000000 ____D C:\Windows\ERUNT
2013-06-25 17:22 - 2013-06-25 17:22 - 00706820 ____A C:\Users\Alfred\Downloads\delfix(1).exe
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-24 17:52 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-24 17:39 - 2013-07-04 09:35 - 00001893 ____A C:\Windows\setupact.log
2013-06-24 17:39 - 2013-06-27 07:09 - 00002860 ____A C:\Windows\PFRO.log
2013-06-24 17:39 - 2013-06-24 17:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 16:14 - 2013-06-24 16:27 - 2502722492 ____A C:\Users\Alfred\Downloads\AS_USCITIESX-LOS-ANGELES_FSX.zip
2013-06-24 15:49 - 2013-06-24 15:49 - 00781768 ____A (Google Inc.) C:\Users\Alfred\Downloads\GoogleEarthSetup.exe
2013-06-24 15:45 - 2013-06-24 15:45 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup.exe
2013-06-24 15:44 - 2013-06-24 15:44 - 00051330 ____A C:\Users\Alfred\Downloads\LosAngeles.kmz
2013-06-24 15:02 - 2013-06-24 15:24 - 46339176 ____A C:\Users\Alfred\Downloads\LibreOffice_4.0.4_Win_x86.msi
2013-06-24 14:07 - 2013-06-24 15:26 - 106816983 ____A C:\Users\Alfred\Downloads\100jhriges Jubilum - Tagesschau - TV - SRF Player - Schweizer Radio und Fernsehen.m4v
2013-06-24 12:23 - 2013-06-24 12:23 - 00219806 ____A C:\Users\Alfred\Downloads\data
2013-06-21 12:01 - 2013-06-21 12:01 - 00000000 ____D C:\Users\Alfred\Desktop\VIDEOS BACKUP VON Y AUF T oder TT
2013-06-21 07:55 - 2013-07-02 18:31 - 00000000 ____D C:\Users\Alfred\Documents\WALTI PAUL
2013-06-20 11:40 - 2013-06-20 11:40 - 00000000 ____D C:\Users\Alfred\Documents\Id Isaraporn
2013-06-20 09:44 - 2013-06-20 09:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 09:37 - 2013-06-20 09:37 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-06-20 09:36 - 2013-06-20 09:44 - 00176156 ____A C:\Windows\hphins27.dat
2013-06-20 09:36 - 2009-10-08 03:56 - 00000349 ____N C:\Windows\hphmdl27.dat
2013-06-20 09:23 - 2013-06-20 09:25 - 132666488 ____A C:\Users\Alfred\Downloads\DJ_SF_03_D4300_NonNet_Full_Win_WW_130_140.exe
2013-06-20 07:52 - 2013-06-20 07:52 - 03812764 ____A C:\Users\Alfred\Documents\Lia2013.potm
2013-06-17 20:13 - 2013-06-17 20:13 - 14711864 ____A (Abelssoft                                                   ) C:\Users\Alfred\Downloads\checkdrive.exe
2013-06-16 20:25 - 2013-06-16 20:25 - 00001353 ____A C:\Users\Alfred\Desktop\1.DIVERSES AKTUELL - Verknüpfung.lnk
2013-06-12 23:49 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 23:49 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 23:49 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 23:49 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 23:49 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 23:49 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 23:49 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 23:49 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 23:49 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 23:49 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 23:49 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 23:49 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 23:49 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 23:49 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 23:49 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 23:49 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 23:49 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 23:49 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 23:49 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 23:49 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 23:49 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 23:49 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 23:49 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 23:49 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 23:49 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 23:49 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 23:49 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 23:49 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 23:49 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 23:49 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 23:49 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 23:49 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 12:06 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:06 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 12:06 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:06 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:06 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 12:06 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 12:06 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 12:06 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 12:06 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 06:50 - 2013-06-11 06:50 - 00001329 ____A C:\Users\Alfred\Desktop\aerofly Flug Simulator 2013 - Verknüpfung.lnk
2013-06-10 17:44 - 2013-06-10 17:44 - 35049768 ____A (IPACS                                                       ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1000911.exe
2013-06-10 17:14 - 2013-06-10 17:16 - 00000000 ____D C:\Users\Alfred\Documents\aerofly Flug Simulator 2013
2013-06-10 17:13 - 2013-06-10 17:13 - 00001259 ____A C:\Users\Public\Desktop\aerofly Flug Simulator 2013.lnk
2013-06-10 17:06 - 2013-06-10 17:46 - 00000000 ____D C:\Program Files (x86)\aerofly Flug Simulator 2013
2013-06-08 22:53 - 2013-06-08 22:53 - 00001789 ____A C:\Users\Alfred\Documents\iTunes.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iPod
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-07 13:54 - 2013-06-07 13:54 - 00000000 ____D C:\Users\Alfred\Documents\aerofly FS
2013-06-05 12:49 - 2013-06-05 12:49 - 00000603 ____A C:\Users\Alfred\Documents\fleurop mahnung.txt
2013-06-05 11:04 - 2013-06-05 12:48 - 00000000 ____D C:\Users\Alfred\Documents\Florian
2013-06-04 23:40 - 2013-06-04 23:40 - 00302375 ____A C:\Users\Alfred\Downloads\13_bar5_fs9.zip
2013-06-04 23:38 - 2013-06-04 23:39 - 03597186 ____A C:\Users\Alfred\Downloads\48_addon_largoet.zip
2013-06-04 08:59 - 2013-06-04 08:59 - 00001245 ____A C:\Users\Alfred\Desktop\PASSWÖRTER ex gamerPC - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2013-07-04 11:42 - 2013-07-04 11:42 - 01934636 ____A (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2013-07-04 11:42 - 2013-07-04 11:42 - 00000000 ____D C:\FRST
2013-07-04 11:10 - 2012-10-18 15:41 - 01373120 ____A C:\Windows\WindowsUpdate.log
2013-07-04 10:52 - 2012-10-25 14:53 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-04 10:48 - 2013-04-10 04:17 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 10:18 - 2013-07-04 10:18 - 00001923 ____A C:\Users\Alfred\Desktop\CheckDrive.lnk
2013-07-04 10:18 - 2013-07-04 10:18 - 00000290 ____A C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Users\Alfred\AppData\Local\Abelssoft
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2013-07-04 10:17 - 2013-06-29 12:08 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-07-04 09:52 - 2012-10-25 14:53 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-04 09:42 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-04 09:42 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-04 09:40 - 2012-10-29 15:05 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\HpUpdate
2013-07-04 09:39 - 2011-04-12 09:43 - 00698720 ____A C:\Windows\System32\perfh007.dat
2013-07-04 09:39 - 2011-04-12 09:43 - 00148916 ____A C:\Windows\System32\perfc007.dat
2013-07-04 09:39 - 2009-07-14 07:13 - 01619012 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 09:37 - 2013-04-17 17:33 - 00000000 ____D C:\Users\Alfred\Documents\PW
2013-07-04 09:36 - 2013-05-23 10:06 - 00000412 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-04 09:35 - 2013-06-24 17:39 - 00001893 ____A C:\Windows\setupact.log
2013-07-04 09:35 - 2013-05-23 10:06 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-07-04 09:35 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 906428.crdownload
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 400646.crdownload
2013-07-03 17:48 - 2013-07-03 17:48 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 134248.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 36480.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 227743.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 164550.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 137318.crdownload
2013-07-03 17:44 - 2013-07-03 17:44 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 207392.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00057419 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 772565.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 678189.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 540075.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 21420.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 55379.crdownload
2013-07-03 17:41 - 2012-10-18 18:15 - 00000000 ____D C:\Users\Alfred\AppData\Local\Adobe
2013-07-03 14:20 - 2013-07-03 14:08 - 34237393 ____A C:\Users\Alfred\Downloads\LFPA_Xv1.zip
2013-07-03 09:51 - 2013-07-03 09:43 - 24293035 ____A C:\Users\Alfred\Downloads\F-16D_X-1.zip
2013-07-03 09:44 - 2013-07-03 09:41 - 08275871 ____A C:\Users\Alfred\Downloads\f16b_viper.zip
2013-07-03 09:30 - 2013-07-03 09:30 - 00000000 ____D C:\Users\Alfred\Downloads\LSGG_flatten_rwy27
2013-07-02 21:01 - 2013-07-02 21:01 - 00001180 ____A C:\Users\Alfred\Desktop\bkk mit OSLL - Verknüpfung.lnk
2013-07-02 18:45 - 2013-07-02 18:45 - 00000710 ____A C:\Users\Alfred\Desktop\PIX - Verknüpfung.lnk
2013-07-02 18:31 - 2013-06-21 07:55 - 00000000 ____D C:\Users\Alfred\Documents\WALTI PAUL
2013-07-02 18:30 - 2013-04-23 17:22 - 00000000 ____D C:\Users\Alfred\Documents\PC ERRORS REPAIRS
2013-07-01 18:53 - 2013-07-01 18:53 - 00001132 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-07-01 18:53 - 2012-12-17 20:29 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2013-07-01 18:53 - 2012-10-25 14:54 - 00000000 ____D C:\Program Files (x86)\Real
2013-07-01 18:53 - 2012-10-25 14:53 - 00000000 ____D C:\ProgramData\Real
2013-07-01 18:52 - 2012-12-17 20:28 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2013-06-30 18:52 - 2012-10-21 15:24 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\vlc
2013-06-30 08:04 - 2009-07-14 06:45 - 02236816 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 17:49 - 2012-10-19 03:23 - 00068440 ____A C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 16:54 - 2013-06-29 16:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\OpenOffice.org
2013-06-29 16:51 - 2013-06-29 16:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-06-29 16:47 - 2013-06-29 16:47 - 00000702 ____A C:\Users\Alfred\Desktop\Downloads - Verknüpfung.lnk
2013-06-29 16:37 - 2012-10-21 15:18 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.5
2013-06-29 12:09 - 2013-06-29 12:09 - 00000000 ____D C:\ProgramData\Free Download Manager
2013-06-29 12:08 - 2013-06-29 12:08 - 00001073 ____A C:\Users\Alfred\Desktop\Free Download Manager.lnk
2013-06-29 12:08 - 2013-06-29 12:08 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-06-29 12:06 - 2013-06-29 12:05 - 07696614 ____A (FreeDownloadManager.ORG                                     ) C:\Users\Alfred\Downloads\fdminst_3.9.2b1303.exe
2013-06-29 11:57 - 2013-06-29 11:54 - 00000000 ____D C:\Users\Alfred\Desktop\DAILY
2013-06-29 11:55 - 2013-06-29 11:55 - 00001242 ____A C:\Users\Alfred\Desktop\Paint.lnk
2013-06-28 10:04 - 2013-06-28 10:04 - 00000322 ____A C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job
2013-06-27 07:20 - 2013-05-25 10:11 - 00000000 ____D C:\Users\Alfred\Documents\SecureSwiss VPN & Proxy Account kaufen  VPN Bestellung-Dateien
2013-06-27 07:09 - 2013-06-24 17:39 - 00002860 ____A C:\Windows\PFRO.log
2013-06-27 07:09 - 2012-10-25 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-26 21:28 - 2013-06-26 21:28 - 00000327 ____A C:\Users\Alfred\Desktop\HP Druckerdiagnosetools.url
2013-06-26 19:10 - 2012-11-01 11:06 - 00524800 __ASH C:\Users\Alfred\Documents\Thumbs.db
2013-06-26 18:39 - 2013-06-26 17:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 15:57 - 2013-06-26 15:57 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-26 15:56 - 2013-06-26 15:55 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup(1).exe
2013-06-26 15:56 - 2012-10-18 18:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-25 22:27 - 2013-06-25 22:27 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER.DE.TOOLS
2013-06-25 22:26 - 2013-04-23 17:56 - 00000000 ___RD C:\Users\Alfred\Desktop\PIX.VIDEO.INVENTAR.DM.PC
2013-06-25 17:56 - 2013-06-25 17:54 - 05799944 ____A (ParetoLogic, Inc.) C:\Users\Alfred\Downloads\RegCureProSetup_RW.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\ProgramData\Sun
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-25 17:37 - 2013-06-25 17:37 - 00903080 ____A (Oracle Corporation) C:\Users\Alfred\Downloads\jxpiinstall.exe
2013-06-25 17:25 - 2013-06-25 17:25 - 00001430 ____A C:\DelFix.txt
2013-06-25 17:25 - 2013-06-25 17:25 - 00000000 ____D C:\Windows\ERUNT
2013-06-25 17:22 - 2013-06-25 17:22 - 00706820 ____A C:\Users\Alfred\Downloads\delfix(1).exe
2013-06-25 14:15 - 2013-05-19 12:30 - 00000000 ____D C:\Users\Alfred\Documents\PSORIASIS
2013-06-25 14:14 - 2012-11-01 12:26 - 00000000 ____D C:\Users\Alfred\Documents\PG
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-24 17:39 - 2013-06-24 17:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 17:36 - 2012-10-27 15:40 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\uTorrent
2013-06-24 16:27 - 2013-06-24 16:14 - 2502722492 ____A C:\Users\Alfred\Downloads\AS_USCITIESX-LOS-ANGELES_FSX.zip
2013-06-24 15:50 - 2012-10-18 18:16 - 00000000 ____D C:\Users\Alfred\AppData\Local\Google
2013-06-24 15:49 - 2013-06-24 15:49 - 00781768 ____A (Google Inc.) C:\Users\Alfred\Downloads\GoogleEarthSetup.exe
2013-06-24 15:45 - 2013-06-24 15:45 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup.exe
2013-06-24 15:44 - 2013-06-24 15:44 - 00051330 ____A C:\Users\Alfred\Downloads\LosAngeles.kmz
2013-06-24 15:26 - 2013-06-24 14:07 - 106816983 ____A C:\Users\Alfred\Downloads\100jhriges Jubilum - Tagesschau - TV - SRF Player - Schweizer Radio und Fernsehen.m4v
2013-06-24 15:24 - 2013-06-24 15:02 - 46339176 ____A C:\Users\Alfred\Downloads\LibreOffice_4.0.4_Win_x86.msi
2013-06-24 12:23 - 2013-06-24 12:23 - 00219806 ____A C:\Users\Alfred\Downloads\data
2013-06-24 11:57 - 2012-11-08 13:12 - 00082944 __ASH C:\Users\Alfred\Thumbs.db
2013-06-23 22:04 - 2012-10-25 22:13 - 00000000 ____D C:\Users\Alfred\dwhelper
2013-06-23 17:57 - 2012-10-18 16:36 - 00000000 ____D C:\Windows\Panther
2013-06-21 16:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 12:01 - 2013-06-21 12:01 - 00000000 ____D C:\Users\Alfred\Desktop\VIDEOS BACKUP VON Y AUF T oder TT
2013-06-20 11:40 - 2013-06-20 11:40 - 00000000 ____D C:\Users\Alfred\Documents\Id Isaraporn
2013-06-20 09:44 - 2013-06-20 09:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 09:44 - 2013-06-20 09:36 - 00176156 ____A C:\Windows\hphins27.dat
2013-06-20 09:44 - 2012-10-29 15:14 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\HP
2013-06-20 09:44 - 2012-10-29 15:04 - 00001167 ____A C:\ProgramData\hpzinstall.log
2013-06-20 09:44 - 2012-10-29 15:04 - 00000000 ____D C:\ProgramData\HP
2013-06-20 09:37 - 2013-06-20 09:37 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-06-20 09:37 - 2012-10-29 15:04 - 00000000 ____D C:\Program Files (x86)\HP
2013-06-20 09:25 - 2013-06-20 09:23 - 132666488 ____A C:\Users\Alfred\Downloads\DJ_SF_03_D4300_NonNet_Full_Win_WW_130_140.exe
2013-06-20 07:52 - 2013-06-20 07:52 - 03812764 ____A C:\Users\Alfred\Documents\Lia2013.potm
2013-06-17 20:13 - 2013-06-17 20:13 - 14711864 ____A (Abelssoft                                                   ) C:\Users\Alfred\Downloads\checkdrive.exe
2013-06-16 20:25 - 2013-06-16 20:25 - 00001353 ____A C:\Users\Alfred\Desktop\1.DIVERSES AKTUELL - Verknüpfung.lnk
2013-06-15 11:41 - 2012-11-16 13:57 - 00000000 ____D C:\Users\Alfred\Documents\AVIATION
2013-06-12 23:48 - 2012-10-18 17:36 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 16:48 - 2012-10-22 08:20 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 16:48 - 2012-10-22 08:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 17:54 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-11 06:50 - 2013-06-11 06:50 - 00001329 ____A C:\Users\Alfred\Desktop\aerofly Flug Simulator 2013 - Verknüpfung.lnk
2013-06-10 17:46 - 2013-06-10 17:06 - 00000000 ____D C:\Program Files (x86)\aerofly Flug Simulator 2013
2013-06-10 17:44 - 2013-06-10 17:44 - 35049768 ____A (IPACS                                                       ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1000911.exe
2013-06-10 17:16 - 2013-06-10 17:14 - 00000000 ____D C:\Users\Alfred\Documents\aerofly Flug Simulator 2013
2013-06-10 17:13 - 2013-06-10 17:13 - 00001259 ____A C:\Users\Public\Desktop\aerofly Flug Simulator 2013.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00001789 ____A C:\Users\Alfred\Documents\iTunes.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iPod
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-07 13:54 - 2013-06-07 13:54 - 00000000 ____D C:\Users\Alfred\Documents\aerofly FS
2013-06-07 12:49 - 2012-11-16 13:56 - 00000000 ____D C:\Users\Alfred\Documents\HUMOR KURIOSES
2013-06-07 08:56 - 2012-11-22 20:01 - 00000000 ____D C:\Users\Alfred\Documents\KONTAKTE
2013-06-05 12:49 - 2013-06-05 12:49 - 00000603 ____A C:\Users\Alfred\Documents\fleurop mahnung.txt
2013-06-05 12:48 - 2013-06-05 11:04 - 00000000 ____D C:\Users\Alfred\Documents\Florian
2013-06-05 11:07 - 2013-05-25 20:54 - 00000000 ____D C:\Users\Alfred\Documents\DAILYTALK
2013-06-04 23:40 - 2013-06-04 23:40 - 00302375 ____A C:\Users\Alfred\Downloads\13_bar5_fs9.zip
2013-06-04 23:39 - 2013-06-04 23:38 - 03597186 ____A C:\Users\Alfred\Downloads\48_addon_largoet.zip
2013-06-04 08:59 - 2013-06-04 08:59 - 00001245 ____A C:\Users\Alfred\Desktop\PASSWÖRTER ex gamerPC - Verknüpfung.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 10:31

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Alfred at 2013-07-04 11:43:55
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (x32 Version: 3.2.3.28705)
Acronis Drive Monitor (x32 Version: 1.0.566)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
aerofly Flug Simulator 2013 (x32 Version: 1.0.9.11)
AMD Catalyst Install Manager (Version: 3.0.859.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 140.0.298.000)
Catalyst Control Center InstallProxy (x32 Version: 2012.0117.53.1290)
CDBurnerXP (Version: 4.3.8.2568)
CheckDrive (x32 Version: 4.4)
D4300 (x32 Version: 130.0.365.000)
Destinations (x32 Version: 140.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DivX Setup (x32 Version: 2.6.1.22)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000)
DocProc (x32 Version: 140.0.185.000)
doPDF 7.3 printer
Free Download Manager 3.9.2 (x32)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Garmin WebUpdater (x32 Version: 2.5.6)
Google Chrome (x32 Version: 27.0.1453.116)
Google Earth (x32 Version: 7.1.1.1580)
Google Update Helper (x32 Version: 1.3.21.145)
GPBaseService2 (x32 Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 14.5 (Version: 14.5)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Scanjet G4050 (Version: 14.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.002.006.003)
HPDiagnosticAlert (x32 Version: 1.00.0000)
hpg4050 (x32 Version: 140.000.000.000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
iCloud (Version: 2.1.2.8)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8107.0)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0)
Microsoft Security Client (Version: 2.0.0657.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0)
Microsoft Security Essentials (Version: 2.0.657.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OCR Software by I.R.I.S. 14.5 (Version: 14.5)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Editor 3 (x32)
PDFCreator (x32 Version: 1.7.0)
Picasa 3 (x32 Version: 3.9)
QuickTime (x32 Version: 7.74.80.86)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
Realtek Ethernet Controller Driver (x32 Version: 7.47.714.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Scan (x32 Version: 14.0.1.0)
Secret Disk 1.35 (x32)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.105)
SlimComputer (x32 Version: 1.3.28413)
SlimDrivers (x32 Version: 2.2.29035)
SmartWebPrinting (x32 Version: 130.0.457.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
Steganos Safe 14 (x32 Version: 14.1)
TeamViewer 7 (x32 Version: 7.0.15723)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Video Converter (HKCU)
VLC media player 2.0.1 (x32 Version: 2.0.1)
VMLite Workstation (Version: 3.2.6)
WebReg (x32 Version: 140.0.297.017)
Win2PDF 7 (Version: 7.0.46)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

==================== Restore Points  =========================

25-06-2013 15:25:27 Ende der Bereinigung
25-06-2013 15:38:14 Installed Java 7 Update 25
28-06-2013 06:39:06 Windows Update
29-06-2013 14:36:34 Removed LibreOffice 3.5
29-06-2013 14:48:36 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
29-06-2013 14:49:22 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
29-06-2013 14:50:58 OpenOffice.org 3.4.1 wird installiert
01-07-2013 08:52:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2B6067FB-C1AA-4F5C-8D50-32A50E648601} - System32\Tasks\ReclaimerUpdateXML_Alfred => C:\Users\Alfred\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-15] (RealNetworks, Inc.)
Task: {38E89483-4006-4028-8993-C91E79C42BAB} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2012-12-10] (Abelssoft)
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {45852216-9075-451F-95B8-C3EBA9F7A518} - System32\Tasks\WebReg HP Deskjet D4300 series => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [2011-04-29] (Hewlett-Packard Company)
Task: {4EE05179-C0FB-4692-A6EB-ED65384D09DF} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-04-24] (SlimWare Utilities, Inc.)
Task: {52C9227D-796D-4DE9-8384-2BB6BDC41800} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe No File
Task: {6B3BBD34-4CB4-4B8A-BC33-B878359CAFDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {9870915F-1D29-408E-880D-01C1443384FB} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {CBCDB276-4B6A-4FDC-9D20-1C4256DD0CF8} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {F3E7C898-EF74-4435-9C01-1F3DCD1286D5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2013 11:10:03 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/04/2013 11:08:04 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/04/2013 09:37:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10031

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10031

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9017

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2013 02:35:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8018


System errors:
=============
Error: (07/04/2013 10:33:21 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:33:16 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:33:09 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:33:05 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:33:00 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:32:55 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:32:50 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:32:45 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:32:41 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (07/04/2013 10:32:36 AM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (07/04/2013 11:10:03 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (07/04/2013 11:08:04 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (07/04/2013 09:37:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10031

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10031

Error: (07/03/2013 02:35:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9017

Error: (07/03/2013 02:35:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2013 02:35:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8018


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8119.05 MB
Available physical RAM: 5700.43 MB
Total Pagefile: 16236.29 MB
Available Pagefile: 13574.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:129.33 GB) NTFS (Disk=0 Partition=2)
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:25.29 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 04.07.2013, 11:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

There's adware on it again already.

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And please post a screenshot of the error message.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 04.07.2013, 11:28   #5
suvannapum56
 
Thanks, Schrauber, here are the logs:
AdwCleaner and JRT
Regards
Anatol

AdwCleaner Logfile:
Code:
# AdwCleaner v2.304 - Datei am 04/07/2013 um 12:15:30 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Alfred - DM12REP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Alfred\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\jetpack

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\3nxitfyj.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\prefs.js

Gelöscht : user_pref("extensions.enabledAddons", "waters%40attask.com:0.8,anttoolbar%40ant.com:2.4.7.8,adblockp[...]

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.28] : icon_url = "hxxp://www.claro-search.com/favicon.ico",
Gelöscht [l.31] : keyword = "claro-search.com",
Gelöscht [l.35] : search_url = "hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4412_5&babsrc=SP_c[...]

*************************

AdwCleaner[S1].txt - [1403 octets] - [04/07/2013 12:15:30]

########## EOF - C:\AdwCleaner[S1].txt - [1463 octets] ##########
         
--- --- ---

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Alfred on 04.07.2013 at 12:21:50.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\free download manager
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ammyy"



~~~ FireFox

Successfully deleted: [File] C:\Users\Alfred\AppData\Roaming\mozilla\firefox\profiles\qnr0hiir.default\invalidprefs.js
Successfully deleted: [File] "C:\Users\Alfred\AppData\Roaming\mozilla\firefox\profiles\qnr0hiir.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi" 
Emptied folder: C:\Users\Alfred\AppData\Roaming\mozilla\firefox\profiles\qnr0hiir.default\minidumps [469 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.07.2013 at 12:24:53.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---


Alt 04.07.2013, 12:33   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Then the screenshot, please.

Alt 04.07.2013, 13:12   #7
suvannapum56
 
Quote:
Quote from schrauber
Then the screenshot, please.
Hello Schrauber,
If I understand you correctly, you mean the screenshot of the message "Display driver etc. etc. ..", right? OK, then I'll do my best to catch it.
Regards and many thanks

Anatol

Alt 04.07.2013, 14:10   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Yep
__________________
Regards,
schrauber


Alt 05.07.2013, 08:34   #9
suvannapum56
 
Hello Schrauber, now the haunting is starting again...
Regards, Anatol

Alt 05.07.2013, 09:38   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Where's the screenshot?
__________________
Regards,
schrauber


Alt 05.07.2013, 14:26   #11
suvannapum56
 
Hello Schrauber,
Strange: I uploaded the screenshot by posting the URL in the previous reply above, whereupon the image appears clearly visible in this forum text, and yet I get a message that this is not the case?? I'll try again (and once more I can see the image clearly in the text here...)



Regards and many thanks for your patience

Anatol

Alt 05.07.2013, 17:21   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Please open FRST, tick the Additional box and scan, then post both log files.
__________________
Regards,
schrauber


Alt 05.07.2013, 20:22   #13
suvannapum56
 
Hello Schrauber,
For your information: FRST64 is reported as outdated. An update is not possible; the same file is downloaded every time. In addition, a warning about the quality of the tool appears, strange.. I have now scanned with the "old" version.
Thanks and regards
Anatol

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Alfred at 2013-07-05 21:17:42
Running from C:\Users\Alfred\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (x32 Version: 3.2.3.28705)
Acronis Drive Monitor (x32 Version: 1.0.566)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
aerofly Flug Simulator 2013 (x32 Version: 1.0.9.11)
AMD Catalyst Install Manager (Version: 3.0.859.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 140.0.298.000)
Catalyst Control Center InstallProxy (x32 Version: 2012.0117.53.1290)
CDBurnerXP (Version: 4.3.8.2568)
CheckDrive (x32 Version: 4.4)
D4300 (x32 Version: 130.0.365.000)
Destinations (x32 Version: 140.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DivX Setup (x32 Version: 2.6.1.22)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000)
DocProc (x32 Version: 140.0.185.000)
doPDF 7.3 printer
Free Download Manager 3.9.2 (x32)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Garmin WebUpdater (x32 Version: 2.5.6)
Google Chrome (x32 Version: 27.0.1453.116)
Google Earth (x32 Version: 7.1.1.1580)
Google Update Helper (x32 Version: 1.3.21.145)
GPBaseService2 (x32 Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 14.5 (Version: 14.5)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Scanjet G4050 (Version: 14.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.002.006.003)
HPDiagnosticAlert (x32 Version: 1.00.0000)
hpg4050 (x32 Version: 140.000.000.000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
iCloud (Version: 2.1.2.8)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8107.0)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0)
Microsoft Security Client (Version: 2.0.0657.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.0.0657.0)
Microsoft Security Essentials (Version: 2.0.657.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OCR Software by I.R.I.S. 14.5 (Version: 14.5)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Editor 3 (x32)
PDFCreator (x32 Version: 1.7.0)
Picasa 3 (x32 Version: 3.9)
QuickTime (x32 Version: 7.74.80.86)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
Realtek Ethernet Controller Driver (x32 Version: 7.47.714.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Scan (x32 Version: 14.0.1.0)
Secret Disk 1.35 (x32)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.105)
SlimComputer (x32 Version: 1.3.28413)
SlimDrivers (x32 Version: 2.2.29035)
SmartWebPrinting (x32 Version: 130.0.457.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
Steganos Safe 14 (x32 Version: 14.1)
TeamViewer 7 (x32 Version: 7.0.15723)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Video Converter (HKCU)
VLC media player 2.0.1 (x32 Version: 2.0.1)
VMLite Workstation (Version: 3.2.6)
WebReg (x32 Version: 140.0.297.017)
Win2PDF 7 (Version: 7.0.46)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

==================== Restore Points  =========================

25-06-2013 15:25:27 Ende der Bereinigung
25-06-2013 15:38:14 Installed Java 7 Update 25
28-06-2013 06:39:06 Windows Update
29-06-2013 14:36:34 Removed LibreOffice 3.5
29-06-2013 14:48:36 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
29-06-2013 14:49:22 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
29-06-2013 14:50:58 OpenOffice.org 3.4.1 wird installiert
01-07-2013 08:52:51 Windows Update
05-07-2013 13:03:23 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F4C70B3-EBFE-4423-95DC-579F15A4862F} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {23099809-819F-469F-8DB5-3EFD2534E9B4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2B6067FB-C1AA-4F5C-8D50-32A50E648601} - System32\Tasks\ReclaimerUpdateXML_Alfred => C:\Users\Alfred\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-15] (RealNetworks, Inc.)
Task: {38E89483-4006-4028-8993-C91E79C42BAB} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2012-12-10] (Abelssoft)
Task: {3C18B7BD-4FDA-4F02-88FD-6BBBE006EBB8} - System32\Tasks\WebReg HP Deskjet D4300 series => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [2011-04-29] (Hewlett-Packard Company)
Task: {44656418-5D1E-492A-992A-B224072B7A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {4EE05179-C0FB-4692-A6EB-ED65384D09DF} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-04-24] (SlimWare Utilities, Inc.)
Task: {52C9227D-796D-4DE9-8384-2BB6BDC41800} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5A591FB1-F812-4478-8026-1B7DA49291F5} - System32\Tasks\Run RoboForm Process => C:\Users\Alfred\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe No File
Task: {6B3BBD34-4CB4-4B8A-BC33-B878359CAFDA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {95EB926D-69B0-44F2-9D5B-AFF786B57F10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {9870915F-1D29-408E-880D-01C1443384FB} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {C31010AC-5310-4E13-AF62-AD4309F3D4AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {CE999383-AEDF-4DEA-A2AF-988A1730AA8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {D7CCB75D-1289-4754-9151-A5D5ECA0BB65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9F4CB9B-2350-4982-9683-4050DC5D0BD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-25] (Google Inc.)
Task: {F3E7C898-EF74-4435-9C01-1F3DCD1286D5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {FF56BBCB-458A-4CC0-8DE1-C9BA13C2779A} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {FFC5DB78-D476-4DD5-AD76-459991BBBD4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-344976508-2612026722-1020238545-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2013 09:13:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8050

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8050

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7051

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7051

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/04/2013 06:22:22 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/04/2013 06:22:21 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/04/2013 06:22:20 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/04/2013 03:10:46 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/04/2013 02:54:12 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (07/04/2013 02:54:12 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (07/04/2013 02:54:11 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (07/04/2013 02:54:11 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.


Microsoft Office Sessions:
=========================
Error: (07/05/2013 09:13:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Documents\TROJANER.DE.TOOLS\esetsmartinstaller_enu.exe

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8050

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8050

Error: (07/05/2013 04:44:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7051

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7051

Error: (07/05/2013 04:44:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (07/05/2013 04:44:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 8119.05 MB
Available physical RAM: 6315 MB
Total Pagefile: 16236.29 MB
Available Pagefile: 12875.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:128.24 GB) NTFS (Disk=0 Partition=2)
Drive d: (Daten2) (Fixed) (Total:232.88 GB) (Free:25.29 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4CD6244)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: D20CD20C)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Alfred (administrator) on 05-07-2013 21:17:04
Running from C:\Users\Alfred\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ArcSoft, Inc.) C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(VMLite, Inc.) C:\VXP\VMLiteService.exe
() C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436224 2010-11-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [462400 2011-02-12] (Acronis)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2000-01-01] (Realtek Semiconductor)
HKCU\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [SAFE14 Browser Monitor] "C:\Program Files (x86)\Steganos Safe 14\SteganosBrowserMonitor.exe" [73216 2013-05-16] (Steganos Software GmbH)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: J - J:\HPLauncher.exe
MountPoints2: {63be18cd-1c39-11e2-87aa-20cf308e5960} - J:\HPLauncher.exe
MountPoints2: {aa142560-a0e7-11e2-b173-20cf308e5960} - K:\HPLauncher.exe
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-01] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [adm_tray.exe] C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Steganos HotKeys] "C:\Program Files (x86)\Steganos Safe 14\SteganosHotKeyService.exe" [103424 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE14 File Redirection Starter] "C:\Program Files (x86)\Steganos Safe 14\fredirstarter.exe" [17408 2013-05-16] (Steganos Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot [295512 2013-07-01] (RealNetworks, Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\adblockpopups@jessehakanen.net
FF Extension: Ant Video Downloader - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\anttoolbar@ant.com
FF Extension: AtTask Notifier - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\waters@attask.com
FF Extension: WOT - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ReminderFox - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: adblockpopups - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: client - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\client@anonymox.net.xpi
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: ffext_basicchromeext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\ffext_basicchromeext@startpage24.xpi
FF Extension: onlinehdtv - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\onlinehdtv@onlinehd.tv.xpi
FF Extension: savedpasswordeditor - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: waters - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\waters@attask.com.xpi
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\qnr0hiir.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (Claro Search) - hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4412_5&babsrc=SP_clro&mntrId=54c653ba0000000000000800270058af
CHR DefaultSuggestURL: (Claro Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Online HD TV) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih\1.2_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 BackupService; C:\Users\Alfred\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2010-11-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [282616 2010-11-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 VMLiteService; C:\VXP\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [188928 2010-10-24] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [72064 2010-10-24] (Microsoft Corporation)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-05] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Alfred\AppData\Local\Temp\ALSysIO64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-05 21:15 - 2013-07-05 21:16 - 01934636 ____A (Farbar) C:\Users\Alfred\Downloads\FRST64.exe
2013-07-05 21:15 - 2013-07-05 21:15 - 01934636 ____A (Farbar) C:\Users\Alfred\Downloads\FRST64 (1).exe
2013-07-05 21:14 - 2013-06-25 17:16 - 01931854 ____A (Farbar) C:\Users\Alfred\Desktop\FRST64(1).exe
2013-07-05 16:43 - 2013-07-05 16:43 - 00070916 ____A C:\Users\Alfred\Downloads\MegaScenery.Earth.Florida.torrent
2013-07-04 21:26 - 2013-07-04 21:27 - 00000000 ____D C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2013-07-04 17:23 - 2013-07-04 17:23 - 00944664 ____A C:\Users\Alfred\Desktop\image.jpeg
2013-07-04 15:55 - 2013-07-04 15:55 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 344911.crdownload
2013-07-04 15:54 - 2013-07-04 15:54 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 8751.crdownload
2013-07-04 15:53 - 2013-07-04 15:53 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 121405.crdownload
2013-07-04 12:21 - 2013-07-04 12:21 - 00000000 ____D C:\JRT
2013-07-04 12:15 - 2013-07-04 12:16 - 00001532 ____A C:\AdwCleaner[S1].txt
2013-07-04 11:42 - 2013-07-04 11:42 - 00000000 ____D C:\FRST
2013-07-04 10:18 - 2013-07-05 09:20 - 00000290 ____A C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-07-04 10:18 - 2013-07-04 10:18 - 00001923 ____A C:\Users\Alfred\Desktop\CheckDrive.lnk
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Users\Alfred\AppData\Local\Abelssoft
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 906428.crdownload
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 400646.crdownload
2013-07-03 17:48 - 2013-07-03 17:48 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 134248.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 36480.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 227743.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 164550.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 137318.crdownload
2013-07-03 17:44 - 2013-07-03 17:44 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 207392.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00057419 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 772565.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 678189.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 540075.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 21420.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 55379.crdownload
2013-07-03 14:08 - 2013-07-03 14:20 - 34237393 ____A C:\Users\Alfred\Downloads\LFPA_Xv1.zip
2013-07-03 09:43 - 2013-07-03 09:51 - 24293035 ____A C:\Users\Alfred\Downloads\F-16D_X-1.zip
2013-07-03 09:41 - 2013-07-03 09:44 - 08275871 ____A C:\Users\Alfred\Downloads\f16b_viper.zip
2013-07-03 09:30 - 2013-07-03 09:30 - 00000000 ____D C:\Users\Alfred\Downloads\LSGG_flatten_rwy27
2013-07-02 21:01 - 2013-07-02 21:01 - 00001180 ____A C:\Users\Alfred\Desktop\bkk mit OSLL - Verknüpfung.lnk
2013-07-02 18:45 - 2013-07-05 17:45 - 00000710 ____A C:\Users\Alfred\Desktop\PIX - Verknüpfung.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00001132 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-06-29 16:54 - 2013-06-29 16:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\OpenOffice.org
2013-06-29 16:51 - 2013-06-29 16:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-06-29 16:47 - 2013-06-29 16:47 - 00000702 ____A C:\Users\Alfred\Desktop\Downloads - Verknüpfung.lnk
2013-06-29 12:09 - 2013-06-29 12:09 - 00000000 ____D C:\ProgramData\Free Download Manager
2013-06-29 12:08 - 2013-07-04 18:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-06-29 12:08 - 2013-06-29 12:08 - 00001073 ____A C:\Users\Alfred\Desktop\Free Download Manager.lnk
2013-06-29 12:08 - 2013-06-29 12:08 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-06-29 12:05 - 2013-06-29 12:06 - 07696614 ____A (FreeDownloadManager.ORG                                     ) C:\Users\Alfred\Downloads\fdminst_3.9.2b1303.exe
2013-06-29 11:55 - 2013-06-29 11:55 - 00001242 ____A C:\Users\Alfred\Desktop\Paint.lnk
2013-06-29 11:54 - 2013-06-29 11:57 - 00000000 ____D C:\Users\Alfred\Desktop\DAILY
2013-06-28 10:04 - 2013-07-05 10:04 - 00000322 ____A C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job
2013-06-26 21:28 - 2013-06-26 21:28 - 00000327 ____A C:\Users\Alfred\Desktop\HP Druckerdiagnosetools.url
2013-06-26 17:15 - 2013-06-26 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 15:57 - 2013-06-26 15:57 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-26 15:55 - 2013-06-26 15:56 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup(1).exe
2013-06-25 22:27 - 2013-06-25 22:27 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER.DE.TOOLS
2013-06-25 17:54 - 2013-06-25 17:56 - 05799944 ____A (ParetoLogic, Inc.) C:\Users\Alfred\Downloads\RegCureProSetup_RW.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\ProgramData\Sun
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-25 17:37 - 2013-06-25 17:37 - 00903080 ____A (Oracle Corporation) C:\Users\Alfred\Downloads\jxpiinstall.exe
2013-06-25 17:25 - 2013-07-04 12:21 - 00000000 ____D C:\Windows\ERUNT
2013-06-25 17:25 - 2013-06-25 17:25 - 00001430 ____A C:\DelFix.txt
2013-06-25 17:22 - 2013-06-25 17:22 - 00706820 ____A C:\Users\Alfred\Downloads\delfix(1).exe
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-24 17:52 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-24 17:39 - 2013-07-05 14:56 - 00002039 ____A C:\Windows\setupact.log
2013-06-24 17:39 - 2013-06-27 07:09 - 00002860 ____A C:\Windows\PFRO.log
2013-06-24 17:39 - 2013-06-24 17:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 16:14 - 2013-06-24 16:27 - 2502722492 ____A C:\Users\Alfred\Downloads\AS_USCITIESX-LOS-ANGELES_FSX.zip
2013-06-24 15:49 - 2013-06-24 15:49 - 00781768 ____A (Google Inc.) C:\Users\Alfred\Downloads\GoogleEarthSetup.exe
2013-06-24 15:45 - 2013-06-24 15:45 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup.exe
2013-06-24 15:44 - 2013-06-24 15:44 - 00051330 ____A C:\Users\Alfred\Downloads\LosAngeles.kmz
2013-06-24 15:02 - 2013-06-24 15:24 - 46339176 ____A C:\Users\Alfred\Downloads\LibreOffice_4.0.4_Win_x86.msi
2013-06-24 14:07 - 2013-06-24 15:26 - 106816983 ____A C:\Users\Alfred\Downloads\100jhriges Jubilum - Tagesschau - TV - SRF Player - Schweizer Radio und Fernsehen.m4v
2013-06-24 12:23 - 2013-06-24 12:23 - 00219806 ____A C:\Users\Alfred\Downloads\data
2013-06-21 12:01 - 2013-06-21 12:01 - 00000000 ____D C:\Users\Alfred\Desktop\VIDEOS BACKUP VON Y AUF T oder TT
2013-06-21 07:55 - 2013-07-02 18:31 - 00000000 ____D C:\Users\Alfred\Documents\WALTI PAUL
2013-06-20 11:40 - 2013-06-20 11:40 - 00000000 ____D C:\Users\Alfred\Documents\Id Isaraporn
2013-06-20 09:44 - 2013-06-20 09:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 09:37 - 2013-06-20 09:37 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-06-20 09:36 - 2013-06-20 09:44 - 00176156 ____A C:\Windows\hphins27.dat
2013-06-20 09:36 - 2009-10-08 03:56 - 00000349 ____N C:\Windows\hphmdl27.dat
2013-06-20 09:23 - 2013-06-20 09:25 - 132666488 ____A C:\Users\Alfred\Downloads\DJ_SF_03_D4300_NonNet_Full_Win_WW_130_140.exe
2013-06-20 07:52 - 2013-06-20 07:52 - 03812764 ____A C:\Users\Alfred\Documents\Lia2013.potm
2013-06-17 20:13 - 2013-06-17 20:13 - 14711864 ____A (Abelssoft                                                   ) C:\Users\Alfred\Downloads\checkdrive.exe
2013-06-16 20:25 - 2013-06-16 20:25 - 00001353 ____A C:\Users\Alfred\Desktop\1.DIVERSES AKTUELL - Verknüpfung.lnk
2013-06-12 23:49 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 23:49 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 23:49 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 23:49 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 23:49 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 23:49 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 23:49 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 23:49 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 23:49 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 23:49 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 23:49 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 23:49 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 23:49 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 23:49 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 23:49 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 23:49 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 23:49 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 23:49 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 23:49 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 23:49 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 23:49 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 23:49 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 23:49 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 23:49 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 23:49 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 23:49 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 23:49 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 23:49 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 23:49 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 23:49 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 23:49 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 23:49 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 12:06 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 12:06 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:06 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:06 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 12:06 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:06 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:06 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 12:06 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 12:06 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 12:06 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 12:06 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 06:50 - 2013-06-11 06:50 - 00001329 ____A C:\Users\Alfred\Desktop\aerofly Flug Simulator 2013 - Verknüpfung.lnk
2013-06-10 17:44 - 2013-06-10 17:44 - 35049768 ____A (IPACS                                                       ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1000911.exe
2013-06-10 17:14 - 2013-06-10 17:16 - 00000000 ____D C:\Users\Alfred\Documents\aerofly Flug Simulator 2013
2013-06-10 17:13 - 2013-06-10 17:13 - 00001259 ____A C:\Users\Public\Desktop\aerofly Flug Simulator 2013.lnk
2013-06-10 17:06 - 2013-06-10 17:46 - 00000000 ____D C:\Program Files (x86)\aerofly Flug Simulator 2013
2013-06-08 22:53 - 2013-06-08 22:53 - 00001789 ____A C:\Users\Alfred\Documents\iTunes.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iPod
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-07 13:54 - 2013-06-07 13:54 - 00000000 ____D C:\Users\Alfred\Documents\aerofly FS
2013-06-05 12:49 - 2013-06-05 12:49 - 00000603 ____A C:\Users\Alfred\Documents\fleurop mahnung.txt
2013-06-05 11:04 - 2013-06-05 12:48 - 00000000 ____D C:\Users\Alfred\Documents\Florian

==================== One Month Modified Files and Folders =======

2013-07-05 21:16 - 2013-07-05 21:15 - 01934636 ____A (Farbar) C:\Users\Alfred\Downloads\FRST64.exe
2013-07-05 21:15 - 2013-07-05 21:15 - 01934636 ____A (Farbar) C:\Users\Alfred\Downloads\FRST64 (1).exe
2013-07-05 20:52 - 2012-10-25 14:53 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-05 20:48 - 2013-04-10 04:17 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-05 18:59 - 2012-10-18 15:41 - 01468781 ____A C:\Windows\WindowsUpdate.log
2013-07-05 17:45 - 2013-07-02 18:45 - 00000710 ____A C:\Users\Alfred\Desktop\PIX - Verknüpfung.lnk
2013-07-05 16:43 - 2013-07-05 16:43 - 00070916 ____A C:\Users\Alfred\Downloads\MegaScenery.Earth.Florida.torrent
2013-07-05 14:56 - 2013-06-24 17:39 - 00002039 ____A C:\Windows\setupact.log
2013-07-05 10:04 - 2013-06-28 10:04 - 00000322 ____A C:\Windows\Tasks\WebReg HP Deskjet D4300 series.job
2013-07-05 09:52 - 2012-10-25 14:53 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-05 09:28 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-05 09:28 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-05 09:25 - 2011-04-12 09:43 - 00698720 ____A C:\Windows\System32\perfh007.dat
2013-07-05 09:25 - 2011-04-12 09:43 - 00148916 ____A C:\Windows\System32\perfc007.dat
2013-07-05 09:25 - 2009-07-14 07:13 - 01619012 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-05 09:21 - 2013-05-23 10:06 - 00000412 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-05 09:20 - 2013-07-04 10:18 - 00000290 ____A C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-07-05 09:20 - 2013-05-23 10:06 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-07-05 09:20 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 21:27 - 2013-07-04 21:26 - 00000000 ____D C:\Users\Alfred\Documents\trojaner.board.de.4.7.013
2013-07-04 18:31 - 2013-06-29 12:08 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-07-04 17:23 - 2013-07-04 17:23 - 00944664 ____A C:\Users\Alfred\Desktop\image.jpeg
2013-07-04 15:55 - 2013-07-04 15:55 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 344911.crdownload
2013-07-04 15:54 - 2013-07-04 15:54 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 8751.crdownload
2013-07-04 15:53 - 2013-07-04 15:53 - 00030703 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 121405.crdownload
2013-07-04 15:49 - 2013-04-17 17:33 - 00000000 ____D C:\Users\Alfred\Documents\PW
2013-07-04 12:21 - 2013-07-04 12:21 - 00000000 ____D C:\JRT
2013-07-04 12:21 - 2013-06-25 17:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-04 12:16 - 2013-07-04 12:15 - 00001532 ____A C:\AdwCleaner[S1].txt
2013-07-04 11:42 - 2013-07-04 11:42 - 00000000 ____D C:\FRST
2013-07-04 10:18 - 2013-07-04 10:18 - 00001923 ____A C:\Users\Alfred\Desktop\CheckDrive.lnk
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Users\Alfred\AppData\Local\Abelssoft
2013-07-04 10:18 - 2013-07-04 10:18 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2013-07-04 09:40 - 2012-10-29 15:05 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\HpUpdate
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 906428.crdownload
2013-07-03 17:51 - 2013-07-03 17:51 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 400646.crdownload
2013-07-03 17:48 - 2013-07-03 17:48 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 134248.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 36480.crdownload
2013-07-03 17:47 - 2013-07-03 17:47 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 227743.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 164550.crdownload
2013-07-03 17:46 - 2013-07-03 17:46 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 137318.crdownload
2013-07-03 17:44 - 2013-07-03 17:44 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 207392.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00057419 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 772565.crdownload
2013-07-03 17:43 - 2013-07-03 17:43 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 678189.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 540075.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00029698 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 21420.crdownload
2013-07-03 17:42 - 2013-07-03 17:42 - 00028763 ____A C:\Users\Alfred\Downloads\Nicht bestätigt 55379.crdownload
2013-07-03 17:41 - 2012-10-18 18:15 - 00000000 ____D C:\Users\Alfred\AppData\Local\Adobe
2013-07-03 14:20 - 2013-07-03 14:08 - 34237393 ____A C:\Users\Alfred\Downloads\LFPA_Xv1.zip
2013-07-03 09:51 - 2013-07-03 09:43 - 24293035 ____A C:\Users\Alfred\Downloads\F-16D_X-1.zip
2013-07-03 09:44 - 2013-07-03 09:41 - 08275871 ____A C:\Users\Alfred\Downloads\f16b_viper.zip
2013-07-03 09:30 - 2013-07-03 09:30 - 00000000 ____D C:\Users\Alfred\Downloads\LSGG_flatten_rwy27
2013-07-02 21:01 - 2013-07-02 21:01 - 00001180 ____A C:\Users\Alfred\Desktop\bkk mit OSLL - Verknüpfung.lnk
2013-07-02 18:31 - 2013-06-21 07:55 - 00000000 ____D C:\Users\Alfred\Documents\WALTI PAUL
2013-07-02 18:30 - 2013-04-23 17:22 - 00000000 ____D C:\Users\Alfred\Documents\PC ERRORS REPAIRS
2013-07-01 18:53 - 2013-07-01 18:53 - 00001132 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\ProgramData\RealNetworks
2013-07-01 18:53 - 2013-07-01 18:53 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-07-01 18:53 - 2012-12-17 20:29 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2013-07-01 18:53 - 2012-10-25 14:54 - 00000000 ____D C:\Program Files (x86)\Real
2013-07-01 18:53 - 2012-10-25 14:53 - 00000000 ____D C:\ProgramData\Real
2013-07-01 18:52 - 2012-12-17 20:28 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2013-07-01 18:52 - 2012-12-17 20:28 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2013-06-30 18:52 - 2012-10-21 15:24 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\vlc
2013-06-30 08:04 - 2009-07-14 06:45 - 02236816 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 17:49 - 2012-10-19 03:23 - 00068440 ____A C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 16:54 - 2013-06-29 16:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\OpenOffice.org
2013-06-29 16:51 - 2013-06-29 16:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-06-29 16:47 - 2013-06-29 16:47 - 00000702 ____A C:\Users\Alfred\Desktop\Downloads - Verknüpfung.lnk
2013-06-29 16:37 - 2012-10-21 15:18 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.5
2013-06-29 12:09 - 2013-06-29 12:09 - 00000000 ____D C:\ProgramData\Free Download Manager
2013-06-29 12:08 - 2013-06-29 12:08 - 00001073 ____A C:\Users\Alfred\Desktop\Free Download Manager.lnk
2013-06-29 12:08 - 2013-06-29 12:08 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-06-29 12:06 - 2013-06-29 12:05 - 07696614 ____A (FreeDownloadManager.ORG                                     ) C:\Users\Alfred\Downloads\fdminst_3.9.2b1303.exe
2013-06-29 11:57 - 2013-06-29 11:54 - 00000000 ____D C:\Users\Alfred\Desktop\DAILY
2013-06-29 11:55 - 2013-06-29 11:55 - 00001242 ____A C:\Users\Alfred\Desktop\Paint.lnk
2013-06-27 07:20 - 2013-05-25 10:11 - 00000000 ____D C:\Users\Alfred\Documents\SecureSwiss VPN & Proxy Account kaufen  VPN Bestellung-Dateien
2013-06-27 07:09 - 2013-06-24 17:39 - 00002860 ____A C:\Windows\PFRO.log
2013-06-27 07:09 - 2012-10-25 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-26 21:28 - 2013-06-26 21:28 - 00000327 ____A C:\Users\Alfred\Desktop\HP Druckerdiagnosetools.url
2013-06-26 19:10 - 2012-11-01 11:06 - 00524800 __ASH C:\Users\Alfred\Documents\Thumbs.db
2013-06-26 18:39 - 2013-06-26 17:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 15:57 - 2013-06-26 15:57 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-26 15:56 - 2013-06-26 15:55 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup(1).exe
2013-06-26 15:56 - 2012-10-18 18:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-25 22:27 - 2013-06-25 22:27 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER.DE.TOOLS
2013-06-25 22:26 - 2013-04-23 17:56 - 00000000 ___RD C:\Users\Alfred\Desktop\PIX.VIDEO.INVENTAR.DM.PC
2013-06-25 17:56 - 2013-06-25 17:54 - 05799944 ____A (ParetoLogic, Inc.) C:\Users\Alfred\Downloads\RegCureProSetup_RW.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 17:38 - 2013-06-25 17:38 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\ProgramData\Sun
2013-06-25 17:38 - 2013-06-25 17:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-25 17:37 - 2013-06-25 17:37 - 00903080 ____A (Oracle Corporation) C:\Users\Alfred\Downloads\jxpiinstall.exe
2013-06-25 17:25 - 2013-06-25 17:25 - 00001430 ____A C:\DelFix.txt
2013-06-25 17:22 - 2013-06-25 17:22 - 00706820 ____A C:\Users\Alfred\Downloads\delfix(1).exe
2013-06-25 17:16 - 2013-07-05 21:14 - 01931854 ____A (Farbar) C:\Users\Alfred\Desktop\FRST64(1).exe
2013-06-25 14:15 - 2013-05-19 12:30 - 00000000 ____D C:\Users\Alfred\Documents\PSORIASIS
2013-06-25 14:14 - 2012-11-01 12:26 - 00000000 ____D C:\Users\Alfred\Documents\PG
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-24 17:52 - 2013-06-24 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-24 17:39 - 2013-06-24 17:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 17:36 - 2012-10-27 15:40 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\uTorrent
2013-06-24 16:27 - 2013-06-24 16:14 - 2502722492 ____A C:\Users\Alfred\Downloads\AS_USCITIESX-LOS-ANGELES_FSX.zip
2013-06-24 15:50 - 2012-10-18 18:16 - 00000000 ____D C:\Users\Alfred\AppData\Local\Google
2013-06-24 15:49 - 2013-06-24 15:49 - 00781768 ____A (Google Inc.) C:\Users\Alfred\Downloads\GoogleEarthSetup.exe
2013-06-24 15:45 - 2013-06-24 15:45 - 00781952 ____A (Google Inc.) C:\Users\Alfred\Downloads\googleupdatesetup.exe
2013-06-24 15:44 - 2013-06-24 15:44 - 00051330 ____A C:\Users\Alfred\Downloads\LosAngeles.kmz
2013-06-24 15:26 - 2013-06-24 14:07 - 106816983 ____A C:\Users\Alfred\Downloads\100jhriges Jubilum - Tagesschau - TV - SRF Player - Schweizer Radio und Fernsehen.m4v
2013-06-24 15:24 - 2013-06-24 15:02 - 46339176 ____A C:\Users\Alfred\Downloads\LibreOffice_4.0.4_Win_x86.msi
2013-06-24 12:23 - 2013-06-24 12:23 - 00219806 ____A C:\Users\Alfred\Downloads\data
2013-06-24 11:57 - 2012-11-08 13:12 - 00082944 __ASH C:\Users\Alfred\Thumbs.db
2013-06-23 22:04 - 2012-10-25 22:13 - 00000000 ____D C:\Users\Alfred\dwhelper
2013-06-23 17:57 - 2012-10-18 16:36 - 00000000 ____D C:\Windows\Panther
2013-06-21 16:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-21 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-21 12:01 - 2013-06-21 12:01 - 00000000 ____D C:\Users\Alfred\Desktop\VIDEOS BACKUP VON Y AUF T oder TT
2013-06-20 11:40 - 2013-06-20 11:40 - 00000000 ____D C:\Users\Alfred\Documents\Id Isaraporn
2013-06-20 09:44 - 2013-06-20 09:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 09:44 - 2013-06-20 09:36 - 00176156 ____A C:\Windows\hphins27.dat
2013-06-20 09:44 - 2012-10-29 15:14 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\HP
2013-06-20 09:44 - 2012-10-29 15:04 - 00001167 ____A C:\ProgramData\hpzinstall.log
2013-06-20 09:44 - 2012-10-29 15:04 - 00000000 ____D C:\ProgramData\HP
2013-06-20 09:37 - 2013-06-20 09:37 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-06-20 09:37 - 2012-10-29 15:04 - 00000000 ____D C:\Program Files (x86)\HP
2013-06-20 09:25 - 2013-06-20 09:23 - 132666488 ____A C:\Users\Alfred\Downloads\DJ_SF_03_D4300_NonNet_Full_Win_WW_130_140.exe
2013-06-20 07:52 - 2013-06-20 07:52 - 03812764 ____A C:\Users\Alfred\Documents\Lia2013.potm
2013-06-17 20:13 - 2013-06-17 20:13 - 14711864 ____A (Abelssoft                                                   ) C:\Users\Alfred\Downloads\checkdrive.exe
2013-06-16 20:25 - 2013-06-16 20:25 - 00001353 ____A C:\Users\Alfred\Desktop\1.DIVERSES AKTUELL - Verknüpfung.lnk
2013-06-15 11:41 - 2012-11-16 13:57 - 00000000 ____D C:\Users\Alfred\Documents\AVIATION
2013-06-12 23:48 - 2012-10-18 17:36 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 16:48 - 2012-10-22 08:20 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 16:48 - 2012-10-22 08:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 17:54 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-11 06:50 - 2013-06-11 06:50 - 00001329 ____A C:\Users\Alfred\Desktop\aerofly Flug Simulator 2013 - Verknüpfung.lnk
2013-06-10 17:46 - 2013-06-10 17:06 - 00000000 ____D C:\Program Files (x86)\aerofly Flug Simulator 2013
2013-06-10 17:44 - 2013-06-10 17:44 - 35049768 ____A (IPACS                                                       ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1000911.exe
2013-06-10 17:16 - 2013-06-10 17:14 - 00000000 ____D C:\Users\Alfred\Documents\aerofly Flug Simulator 2013
2013-06-10 17:13 - 2013-06-10 17:13 - 00001259 ____A C:\Users\Public\Desktop\aerofly Flug Simulator 2013.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00001789 ____A C:\Users\Alfred\Documents\iTunes.lnk
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files\iPod
2013-06-08 22:53 - 2013-06-08 22:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-07 13:54 - 2013-06-07 13:54 - 00000000 ____D C:\Users\Alfred\Documents\aerofly FS
2013-06-07 12:49 - 2012-11-16 13:56 - 00000000 ____D C:\Users\Alfred\Documents\HUMOR KURIOSES
2013-06-07 08:56 - 2012-11-22 20:01 - 00000000 ____D C:\Users\Alfred\Documents\KONTAKTE
2013-06-05 12:49 - 2013-06-05 12:49 - 00000603 ____A C:\Users\Alfred\Documents\fleurop mahnung.txt
2013-06-05 12:48 - 2013-06-05 11:04 - 00000000 ____D C:\Users\Alfred\Documents\Florian
2013-06-05 11:07 - 2013-05-25 20:54 - 00000000 ____D C:\Users\Alfred\Documents\DAILYTALK

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 10:31

==================== End Of Log ============================
         
--- --- ---

Alt 06.07.2013, 08:49   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Have you already reinstalled the graphics card driver?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 06.07.2013, 11:59   #15
suvannapum56
 



Yes, I updated it some time ago, I don't remember exactly when, but I will check it again. I'm out of the house right now and will report back to you tomorrow. Many thanks

Regards, Anatol
