
Pests of all kinds and how to combat them: Caught a trojan on Facebook (Trojan.JS.Koobface.N.), please help

29.07.2013, 20:05   #16
schrauber
/// the machine
/// TB Trainer

Please post a fresh FSS log. Do you have a Win DVD?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

30.07.2013, 05:52   #17
troja12

Code:
Farbar Service Scanner Version: 26-07-2013
Ran by schleppi (administrator) on 29-07-2013 at 23:14:38
Running from "C:\Users\schleppi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open afd registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open afd registry key. The service key does not exist.
Checking LEGACY_afd: ATTENTION!=====> Unable to open LEGACY_afd\0000 registry key. The key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\windows\system32\wuaueng.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         


I have a Win7 DVD (System recovery media, Win7); I already tried to start it earlier, though, and in the selection I only get as far as the menu item where you have to choose the drivers, and then the program aborts. There is also a preinstalled Samsung recovery on the laptop.
Thanks for sticking with it!
troja12

Hi schrauber, I have now tried around a bit more. The Win7 CD would work after all. Once the trojan is gone I will give that a try.


30.07.2013, 07:59   #18
schrauber
/// the machine
/// TB Trainer

http://download.bleepingcomputer.com...ces/7/Dhcp.reg
http://download.bleepingcomputer.com...ices/7/AFD.reg
http://download.bleepingcomputer.com...ces/7/BITS.reg
http://download.bleepingcomputer.com...7/wuauserv.reg

Download all of them and run each one via right-click as admin. Allow. Reboot and a fresh FSS log, please.

31.07.2013, 08:08   #19
troja12

Code:
Farbar Service Scanner Version: 26-07-2013
Ran by schleppi (administrator) on 30-07-2013 at 21:14:25
Running from "C:\Users\schleppi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.
Checking LEGACY_afd: ATTENTION!=====> Unable to open LEGACY_afd\0000 registry key. The key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

Thanks

...Now with a restart as well....I had completely forgotten that.

Code:
System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

31.07.2013, 09:56   #20
schrauber
/// the machine
/// TB Trainer

Please run the last two reg files again and post a fresh FSS log.


31.07.2013, 10:08   #21
troja12

Code:
Farbar Service Scanner Version: 26-07-2013
Ran by schleppi (administrator) on 31-07-2013 at 11:07:06
Running from "C:\Users\schleppi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.
Checking LEGACY_afd: ATTENTION!=====> Unable to open LEGACY_afd\0000 registry key. The key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

31.07.2013, 11:41   #22
schrauber
/// the machine
/// TB Trainer

Very strange, please run Windows All in One again.

31.07.2013, 15:21   #23
troja12

Code:
Farbar Service Scanner Version: 26-07-2013
Ran by schleppi (administrator) on 31-07-2013 at 16:19:09
Running from "C:\Users\schleppi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.
Checking LEGACY_afd: ATTENTION!=====> Unable to open LEGACY_afd\0000 registry key. The key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\windows\system32\wuaueng.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

31.07.2013, 19:33   #24
schrauber
/// the machine
/// TB Trainer

Do you have the Win7 DVD at hand?

01.08.2013, 06:17   #25
troja12

OK, then I will run the Win7 disc and report back tomorrow with a new log file and hopefully better news.

Best regards and good night

I have internet again...Hooray!!

Here are the logs.
Code:
Farbar Service Scanner Version: 26-07-2013
Ran by schleppi (administrator) on 01-08-2013 at 06:59:39
Running from "C:\Users\schleppi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2010-11-21 05:24] - [2010-11-21 05:24] - 0499712 ____A (Microsoft Corporation) D31DC7A16DEA4A9BAF179F3D6FBDB38C

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2010-11-21 05:24] - [2010-11-21 05:24] - 1924480 ____A (Microsoft Corporation) 509383E505C973ED7534A06B3D19688D

C:\Windows\System32\dnsrslvr.dll
[2010-11-21 05:24] - [2010-11-21 05:24] - 0183296 ____A (Microsoft Corporation) CD55F5355D8F55D44C9F4ED875705BD6

C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-07-2013 04
Ran by schleppi (administrator) on 01-08-2013 07:12:12
Running from C:\Users\schleppi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Dropbox, Inc.) C:\Users\schleppi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
() C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrowseForTheCause] - C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe [3744104 2013-07-28] ()
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
Startup: C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\schleppi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{37A550B1-E653-433A-9A90-446D9FB3494F}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{71DEE413-63EB-4D97-B36C-806F379CE74F}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{930E9C9E-AC09-4B4F-9693-F1464DE35CAB}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{D3F2B640-155A-470C-8C53-28570737A067}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{D5A08749-06D0-48B1-8A37-6931611456A4}: [NameServer]76.73.6.107,50.7.75.27
Tcpip\..\Interfaces\{e90d6c49-fa32-11e2-878a-806e6f6e6963}: [NameServer]76.73.6.107,50.7.75.27

FireFox:
========
FF ProfilePath: C:\Users\schleppi\AppData\Roaming\Mozilla\Firefox\Profiles\ibh5e4as.default
FF Homepage: https://login.yahoo.com/config/login_verify2?.intl=de&.src=ym
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p14_serp_ff_de_display?ie=UTF8&tagbase=bds-p14&tag=bds-p14-serp-de-ff-21&tbrId=v1_abb-channel-14_b53f9463d52d4b7a94bf69e8d387c953_16_37_20130720_DE_ff_ab_&query=
FF NetworkProxy: "autoconfig_url", "hxxp://proxy.charite.de/"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\schleppi\AppData\Roaming\Mozilla\Firefox\Profiles\ibh5e4as.default\searchplugins\amazon.xml
FF Extension: No Name - C:\Users\schleppi\AppData\Roaming\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
FF Extension: No Name - C:\Users\schleppi\AppData\Roaming\Mozilla\Firefox\Profiles\ibh5e4as.default\Extensions\75c9b989-a6e6-4455-971f-45304161eb23@02648b91-49b2-4d7f-99ef-7e959a8e6505.com
FF Extension: Ghostery - C:\Users\schleppi\AppData\Roaming\Mozilla\Firefox\Profiles\ibh5e4as.default\Extensions\firefox@ghostery.com
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Plus-HD-2.5) - C:\Users\schleppi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.23.8_0
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-27] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-27] (Windows (R) 2003 DDK 3790 provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-01 10:44 - 2013-08-01 06:38 - 00000000 ____D C:\Windows\Panther
2013-08-01 10:41 - 2013-08-01 10:41 - 00262144 _____ C:\Windows\system32\config\userdiff
2013-08-01 10:29 - 2013-08-01 01:19 - 00000000 ___HD C:\$WINDOWS.~Q
2013-08-01 10:19 - 2013-08-01 10:25 - 00000000 ___HD C:\$INPLACE.~TR
2013-08-01 07:11 - 2013-08-01 07:11 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-08-01 06:39 - 2013-08-01 06:39 - 00001443 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-01 06:39 - 2013-08-01 06:39 - 00001409 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-01 06:38 - 2013-08-01 06:38 - 00000020 ___SH C:\Users\schleppi\ntuser.ini
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Programme
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-08-01 01:43 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-08-01 01:43 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-08-01 01:43 - 2012-02-17 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-08-01 01:43 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-08-01 01:37 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-08-01 01:37 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-08-01 01:37 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-08-01 01:37 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-08-01 01:36 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-08-01 01:36 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-08-01 01:36 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-08-01 01:36 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-08-01 01:36 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-08-01 01:18 - 2013-08-01 01:18 - 00022960 _____ C:\Windows\system32\emptyregdb.dat
2013-08-01 01:11 - 2013-08-01 01:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-08-01 01:11 - 2013-08-01 01:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-08-01 00:51 - 2013-08-01 06:38 - 00000000 ____D C:\Users\schleppi
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Vorlagen
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Startmenü
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Netzwerkumgebung
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Lokale Einstellungen
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Eigene Dateien
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Druckumgebung
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Documents\Eigene Musik
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Documents\Eigene Bilder
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Local\Verlauf
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Local\Anwendungsdaten
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Anwendungsdaten
2013-08-01 00:51 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-08-01 00:51 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-08-01 00:50 - 2013-08-01 06:53 - 01336091 _____ C:\Windows\WindowsUpdate.log
2013-08-01 00:50 - 2013-08-01 00:50 - 00001355 _____ C:\Windows\TSSysprep.log
2013-08-01 00:50 - 2013-08-01 00:50 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-01 00:50 - 2013-06-21 12:23 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-01 00:50 - 2013-06-21 12:23 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-01 00:50 - 2013-06-21 12:23 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-08-01 00:50 - 2013-06-21 12:23 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-01 00:50 - 2013-06-21 12:23 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-01 00:50 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-01 00:49 - 2013-08-01 00:54 - 00000000 ____D C:\Program Files\Elantech
2013-08-01 00:49 - 2013-08-01 00:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\Program Files\Realtek
2013-07-31 23:23 - 2013-08-01 01:19 - 00006179 _____ C:\Windows\comsetup.log
2013-07-30 21:12 - 2013-07-30 21:09 - 00006288 _____ C:\Users\schleppi\Desktop\BITS.reg
2013-07-30 21:12 - 2013-07-30 21:09 - 00006176 _____ C:\Users\schleppi\Desktop\wuauserv.reg
2013-07-30 21:12 - 2013-07-30 21:09 - 00001680 _____ C:\Users\schleppi\Desktop\AFD.reg
2013-07-30 21:12 - 2013-07-30 21:08 - 00026406 _____ C:\Users\schleppi\Desktop\Dhcp.reg
2013-07-30 00:00 - 2013-07-31 16:10 - 00012214 _____ C:\Windows\WindowsUpdate (1).log
2013-07-29 20:03 - 2013-07-31 22:57 - 00001890 _____ C:\Windows\diagwrn.xml
2013-07-29 20:03 - 2013-07-31 22:57 - 00001890 _____ C:\Windows\diagerr.xml
2013-07-29 18:54 - 2013-08-01 01:05 - 00000000 ____D C:\Users\schleppi\AppData\Local\Apps\2.0
2013-07-29 18:33 - 2013-08-01 00:59 - 00000000 ____D C:\ProgramData\Uniblue
2013-07-29 17:11 - 2013-07-29 17:11 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SCHLEPPI-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-07-29 17:10 - 2013-07-29 17:10 - 00000000 ____D C:\RegBackup
2013-07-29 16:38 - 2013-07-29 16:38 - 00006576 ____N C:\bootsqm.dat
2013-07-29 16:31 - 2013-08-01 01:06 - 00000000 ____D C:\Users\schleppi\Desktop\Tweaking.com - Windows Repair
2013-07-29 16:31 - 2013-07-31 16:05 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-29 13:02 - 2013-08-01 00:56 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-29 13:00 - 2013-07-29 12:57 - 02347384 _____ (ESET) C:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe
2013-07-29 13:00 - 2013-07-29 12:57 - 00891098 _____ C:\Users\schleppi\Desktop\SecurityCheck.exe
2013-07-29 13:00 - 2013-07-29 12:56 - 00357145 _____ (Farbar) C:\Users\schleppi\Desktop\FSS.exe
2013-07-29 12:50 - 2013-08-01 01:06 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\DigitalSite
2013-07-28 19:11 - 2013-08-01 06:55 - 00000428 _____ C:\Windows\Tasks\Wise Care 365.job
2013-07-28 19:11 - 2013-07-29 08:05 - 00000408 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2013-07-28 19:11 - 2013-07-28 19:11 - 00003224 _____ C:\Windows\System32\Tasks\Wise Turbo Checker
2013-07-28 19:11 - 2013-07-28 19:11 - 00002860 _____ C:\Windows\System32\Tasks\Wise Care 365
2013-07-28 18:30 - 2013-08-01 00:59 - 00000000 ____D C:\Windows\ERUNT
2013-07-28 18:24 - 2013-07-28 18:24 - 00046379 _____ C:\AdwCleaner[S1].txt
2013-07-28 18:21 - 2013-07-28 18:21 - 00561198 _____ (Oleg N. Scherbakov) C:\Users\schleppi\Desktop\JRT.exe
2013-07-28 18:19 - 2013-07-28 18:19 - 00666633 _____ C:\Users\schleppi\Desktop\adwcleaner.exe
2013-07-28 10:16 - 2013-07-28 10:16 - 00072575 _____ C:\ComboFix.txt
2013-07-28 09:45 - 2013-07-28 10:16 - 00000000 ____D C:\Qoobox
2013-07-28 09:45 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-28 09:45 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-28 09:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-28 09:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-28 09:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-28 09:45 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-28 09:45 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-28 09:45 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-28 09:44 - 2013-08-01 00:59 - 00000000 ____D C:\Windows\erdnt
2013-07-28 09:43 - 2013-08-01 06:56 - 00001910 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-07-28 09:43 - 2013-08-01 06:56 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-07-28 09:43 - 2013-08-01 06:55 - 00001836 _____ C:\Windows\Tasks\Plus-HD-2.5-firefoxinstaller.job
2013-07-28 09:43 - 2013-08-01 06:55 - 00001204 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-07-28 09:43 - 2013-08-01 06:55 - 00001104 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-07-28 09:43 - 2013-08-01 00:57 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-07-28 09:43 - 2013-07-28 09:43 - 00004234 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-28 09:43 - 2013-07-28 09:43 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-28 09:43 - 2013-07-28 09:43 - 00004134 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-28 09:42 - 2013-08-01 06:57 - 00003398 _____ C:\Windows\System32\Tasks\BrowseForTheCauseUpdate
2013-07-28 09:42 - 2013-08-01 01:05 - 00000000 ____D C:\Users\schleppi\AppData\Local\emaze
2013-07-28 09:42 - 2013-08-01 00:56 - 00000000 ____D C:\Program Files (x86)\BrowseForTheCause
2013-07-28 09:42 - 2013-07-28 09:42 - 00001236 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-27 23:52 - 2013-08-01 01:06 - 00000000 ____D C:\Users\schleppi\Desktop\Desctop
2013-07-27 23:42 - 2013-07-27 23:42 - 01780815 _____ (Farbar) C:\Users\schleppi\Desktop\FRST64.exe
2013-07-27 23:42 - 2013-07-27 23:42 - 00000000 ____D C:\FRST
2013-07-19 22:43 - 2013-04-10 11:09 - 00849992 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-07-19 22:43 - 2013-04-10 11:09 - 00108104 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2013-07-19 22:43 - 2013-04-10 11:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-19 22:39 - 2013-06-21 05:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-19 22:39 - 2013-06-21 05:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-07-19 22:39 - 2013-02-24 22:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-19 22:39 - 2013-02-24 22:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-19 22:39 - 2013-01-29 01:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-07-19 22:36 - 2013-08-01 06:55 - 00000302 _____ C:\Windows\Tasks\Driver Booster Startup.job
2013-07-19 22:36 - 2013-08-01 01:06 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\IObit
2013-07-19 22:36 - 2013-08-01 00:59 - 00000000 ____D C:\ProgramData\IObit
2013-07-19 22:36 - 2013-08-01 00:56 - 00000000 ____D C:\Program Files (x86)\IObit
2013-07-19 22:36 - 2013-07-19 22:36 - 00003222 _____ C:\Windows\System32\Tasks\Driver Booster Scan
2013-07-19 22:36 - 2013-07-19 22:36 - 00003220 _____ C:\Windows\System32\Tasks\Driver Booster Update
2013-07-19 22:36 - 2013-07-19 22:36 - 00002582 _____ C:\Windows\System32\Tasks\Driver Booster Startup
2013-07-11 07:05 - 2013-06-12 01:43 - 02877440 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 07:05 - 2013-06-12 01:25 - 03958784 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll

==================== One Month Modified Files and Folders =======

2013-08-01 10:44 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-08-01 10:44 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-08-01 10:41 - 2013-08-01 10:41 - 00262144 _____ C:\Windows\system32\config\userdiff
2013-08-01 10:25 - 2013-08-01 10:19 - 00000000 ___HD C:\$INPLACE.~TR
2013-08-01 07:12 - 2013-08-01 00:50 - 01336091 _____ C:\Windows\WindowsUpdate.log
2013-08-01 07:11 - 2013-08-01 07:11 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-08-01 07:02 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 07:02 - 2009-07-14 06:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-01 06:59 - 2011-03-20 11:22 - 00680010 _____ C:\Windows\system32\perfh010.dat
2013-08-01 06:59 - 2011-03-20 11:22 - 00124006 _____ C:\Windows\system32\perfc010.dat
2013-08-01 06:59 - 2011-03-20 11:08 - 00643866 _____ C:\Windows\system32\perfh007.dat
2013-08-01 06:59 - 2011-03-20 11:08 - 00126394 _____ C:\Windows\system32\perfc007.dat
2013-08-01 06:59 - 2011-03-20 10:55 - 00684954 _____ C:\Windows\system32\perfh00C.dat
2013-08-01 06:59 - 2011-03-20 10:55 - 00127070 _____ C:\Windows\system32\perfc00C.dat
2013-08-01 06:59 - 2009-07-14 07:13 - 03085342 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-01 06:58 - 2013-06-16 16:56 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1534DA73-4149-4D86-BC64-A5F303CCEF9E}
2013-08-01 06:57 - 2013-07-28 09:42 - 00003398 _____ C:\Windows\System32\Tasks\BrowseForTheCauseUpdate
2013-08-01 06:57 - 2012-02-10 19:05 - 00000000 ___RD C:\Users\schleppi\Dropbox
2013-08-01 06:57 - 2012-02-10 17:13 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Dropbox
2013-08-01 06:56 - 2013-07-28 09:43 - 00001910 _____ C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job
2013-08-01 06:56 - 2013-07-28 09:43 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.5-updater.job
2013-08-01 06:56 - 2009-07-14 06:51 - 00455229 _____ C:\Windows\setupact.log
2013-08-01 06:55 - 2013-07-28 19:11 - 00000428 _____ C:\Windows\Tasks\Wise Care 365.job
2013-08-01 06:55 - 2013-07-28 09:43 - 00001836 _____ C:\Windows\Tasks\Plus-HD-2.5-firefoxinstaller.job
2013-08-01 06:55 - 2013-07-28 09:43 - 00001204 _____ C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job
2013-08-01 06:55 - 2013-07-28 09:43 - 00001104 _____ C:\Windows\Tasks\Plus-HD-2.5-enabler.job
2013-08-01 06:55 - 2013-07-19 22:36 - 00000302 _____ C:\Windows\Tasks\Driver Booster Startup.job
2013-08-01 06:55 - 2012-08-26 13:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 06:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 06:39 - 2013-08-01 06:39 - 00001443 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-01 06:39 - 2013-08-01 06:39 - 00001409 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-01 06:39 - 2011-10-20 15:49 - 00000000 ___RD C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-01 06:39 - 2011-10-20 15:49 - 00000000 ___RD C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-01 06:38 - 2013-08-01 10:44 - 00000000 ____D C:\Windows\Panther
2013-08-01 06:38 - 2013-08-01 06:38 - 00000020 ___SH C:\Users\schleppi\ntuser.ini
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Programme
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-08-01 06:38 - 2013-08-01 06:38 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-08-01 06:38 - 2013-08-01 00:51 - 00000000 ____D C:\Users\schleppi
2013-08-01 06:38 - 2012-08-30 19:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-01 06:38 - 2012-08-26 13:12 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-01 06:38 - 2011-10-20 15:33 - 00000000 ____D C:\Recovery
2013-08-01 06:38 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-01 06:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2013-08-01 06:38 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-08-01 01:36 - 2011-10-20 16:03 - 00000000 ____D C:\ProgramData\MFAData
2013-08-01 01:35 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-08-01 01:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-01 01:30 - 2010-11-21 05:47 - 00010558 _____ C:\Windows\PFRO.log
2013-08-01 01:19 - 2013-08-01 10:29 - 00000000 ___HD C:\$WINDOWS.~Q
2013-08-01 01:19 - 2013-07-31 23:23 - 00006179 _____ C:\Windows\comsetup.log
2013-08-01 01:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2013-08-01 01:18 - 2013-08-01 01:18 - 00022960 _____ C:\Windows\system32\emptyregdb.dat
2013-08-01 01:16 - 2012-07-18 14:44 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-08-01 01:13 - 2009-07-14 06:45 - 00456040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-01 01:11 - 2013-08-01 01:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-08-01 01:11 - 2013-08-01 01:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-08-01 01:11 - 2009-07-14 06:46 - 00005157 _____ C:\Windows\DtcInstall.log
2013-08-01 01:10 - 2011-10-20 16:54 - 00000000 ____D C:\Users\schleppi\Downloads\SPSS Statistics v19
2013-08-01 01:10 - 2011-10-20 16:54 - 00000000 ____D C:\Users\schleppi\Downloads\MiKTeX 2.8
2013-08-01 01:07 - 2011-10-20 16:53 - 00000000 ____D C:\Users\schleppi\Downloads\LASSISTENT
2013-08-01 01:06 - 2013-07-29 16:31 - 00000000 ____D C:\Users\schleppi\Desktop\Tweaking.com - Windows Repair
2013-08-01 01:06 - 2013-07-29 12:50 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\DigitalSite
2013-08-01 01:06 - 2013-07-27 23:52 - 00000000 ____D C:\Users\schleppi\Desktop\Desctop
2013-08-01 01:06 - 2013-07-19 22:36 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\IObit
2013-08-01 01:06 - 2013-06-18 18:25 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\KingArthur
2013-08-01 01:06 - 2013-06-17 21:49 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\DigirononGames
2013-08-01 01:06 - 2013-04-15 18:08 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\dpdhl.versandhelfer
2013-08-01 01:06 - 2013-03-17 12:29 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Das Geheimnis der ägyptischen Mumie
2013-08-01 01:06 - 2013-03-14 17:27 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Vampire aus Nr. 13
2013-08-01 01:06 - 2013-03-13 13:42 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Yahoo!
2013-08-01 01:06 - 2013-02-27 13:58 - 00000000 ____D C:\Users\schleppi\Documents\Add-in Express
2013-08-01 01:06 - 2012-12-12 10:37 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\AVG2013
2013-08-01 01:06 - 2012-09-12 15:17 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\LibreOffice
2013-08-01 01:06 - 2012-09-03 17:32 - 00000000 ____D C:\Users\schleppi\Documents\CyberLink
2013-08-01 01:06 - 2012-08-30 19:05 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Real
2013-08-01 01:06 - 2012-08-29 22:40 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\ERS G-Studio
2013-08-01 01:06 - 2012-08-28 10:07 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\PC-FAX TX
2013-08-01 01:06 - 2012-08-27 00:09 - 00000000 ____D C:\Users\schleppi\Documents\Nokia Suite
2013-08-01 01:06 - 2012-08-20 22:04 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\TuneUp Software
2013-08-01 01:06 - 2012-08-19 16:19 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Freeze Tag
2013-08-01 01:06 - 2012-08-09 20:52 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\AVG
2013-08-01 01:06 - 2012-07-14 20:30 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\vlc
2013-08-01 01:06 - 2012-04-23 22:30 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\dvdcss
2013-08-01 01:06 - 2012-04-04 19:02 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Nokia Suite
2013-08-01 01:06 - 2012-04-04 18:51 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Nokia
2013-08-01 01:06 - 2012-04-04 18:50 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\PC Suite
2013-08-01 01:06 - 2012-04-02 18:20 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\EssentialPIM
2013-08-01 01:06 - 2012-03-28 23:54 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\CyberLink
2013-08-01 01:06 - 2012-02-14 00:05 - 00000000 ___RD C:\Users\schleppi\AppData\Roaming\Brother
2013-08-01 01:06 - 2012-02-10 18:59 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-08-01 01:06 - 2012-02-10 17:18 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\DVDVideoSoft
2013-08-01 01:06 - 2012-02-10 17:11 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\ASCOMP Software
2013-08-01 01:06 - 2012-02-10 17:09 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Azureus
2013-08-01 01:06 - 2011-10-21 00:04 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\InstallShield
2013-08-01 01:06 - 2011-10-20 19:50 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\OpenOffice.org
2013-08-01 01:06 - 2011-10-20 17:37 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\WinRAR
2013-08-01 01:06 - 2011-10-20 17:37 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-01 01:06 - 2011-10-20 16:53 - 00000000 ____D C:\Users\schleppi\Downloads\charite VPN
2013-08-01 01:06 - 2011-10-20 16:47 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Malwarebytes
2013-08-01 01:06 - 2011-10-20 15:52 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Mozilla
2013-08-01 01:06 - 2011-10-20 15:50 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Macromedia
2013-08-01 01:06 - 2011-10-20 15:50 - 00000000 ____D C:\Users\schleppi\AppData\Roaming\Adobe
2013-08-01 01:05 - 2013-07-29 18:54 - 00000000 ____D C:\Users\schleppi\AppData\Local\Apps\2.0
2013-08-01 01:05 - 2013-07-28 09:42 - 00000000 ____D C:\Users\schleppi\AppData\Local\emaze
2013-08-01 01:05 - 2012-12-12 10:25 - 00000000 ____D C:\Users\schleppi\AppData\Local\MFAData
2013-08-01 01:05 - 2012-12-12 10:25 - 00000000 ____D C:\Users\schleppi\AppData\Local\Avg2013
2013-08-01 01:05 - 2012-11-17 22:47 - 00000000 ____D C:\Users\schleppi\AppData\Local\Cyberlink
2013-08-01 01:05 - 2012-09-07 19:36 - 00000000 ____D C:\Users\schleppi\AppData\Local\Microsoft Games
2013-08-01 01:05 - 2012-08-20 22:15 - 00000000 ____D C:\Users\schleppi\AppData\Local\PDF24
2013-08-01 01:05 - 2012-07-18 14:01 - 00000000 ____D C:\Users\schleppi\AppData\Local\MicrosoftStore
2013-08-01 01:05 - 2012-06-10 23:00 - 00000000 ____D C:\Users\schleppi\AppData\Local\Macromedia
2013-08-01 01:05 - 2012-04-04 19:02 - 00000000 ____D C:\Users\schleppi\AppData\Local\NokiaAccount
2013-08-01 01:05 - 2012-04-04 18:50 - 00000000 ____D C:\Users\schleppi\AppData\Local\Nokia
2013-08-01 01:05 - 2012-02-11 15:34 - 00000000 ____D C:\Users\schleppi\AppData\Local\Amos 20.0
2013-08-01 01:05 - 2012-02-10 17:09 - 00000000 ____D C:\Users\schleppi\AppData\Local\Google
2013-08-01 01:05 - 2012-02-10 17:09 - 00000000 ____D C:\Users\schleppi\.swt
2013-08-01 01:05 - 2011-10-21 00:45 - 00000000 ____D C:\Users\schleppi\AppData\Local\javasharedresources
2013-08-01 01:05 - 2011-10-20 15:52 - 00000000 ____D C:\Users\schleppi\AppData\Local\Mozilla
2013-08-01 01:05 - 2011-10-20 15:49 - 00000000 ____D C:\Users\schleppi\AppData\Local\Power2Go
2013-08-01 01:05 - 2011-10-20 15:45 - 00000000 ____D C:\Users\schleppi\AppData\Local\Adobe
2013-08-01 01:05 - 2011-10-20 15:44 - 00000000 ____D C:\Users\schleppi\AppData\Local\VirtualStore
2013-08-01 01:01 - 2011-10-21 01:23 - 00000000 ____D C:\Windows\system32\Macromed
2013-08-01 01:01 - 2011-07-28 05:57 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-08-01 01:01 - 2011-07-28 05:54 - 00000000 ____D C:\Windows\twain_64
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\th-TH
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sl-SI
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ro-RO
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\hr-HR
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\bg-BG
2013-08-01 01:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ar-SA
2013-08-01 01:00 - 2012-08-16 13:17 - 00000000 ____D C:\Windows\pss
2013-08-01 01:00 - 2011-07-28 20:54 - 00000000 ____D C:\Windows\MSetup
2013-08-01 01:00 - 2011-07-28 05:39 - 00000000 ____D C:\Windows\Options
2013-08-01 01:00 - 2011-02-11 21:56 - 00000000 ____D C:\Windows\Sec
2013-08-01 01:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-01 00:59 - 2013-07-29 18:33 - 00000000 ____D C:\ProgramData\Uniblue
2013-08-01 00:59 - 2013-07-28 18:30 - 00000000 ____D C:\Windows\ERUNT
2013-08-01 00:59 - 2013-07-28 09:44 - 00000000 ____D C:\Windows\erdnt
2013-08-01 00:59 - 2013-07-19 22:36 - 00000000 ____D C:\ProgramData\IObit
2013-08-01 00:59 - 2013-06-13 19:00 - 00000000 ____D C:\ProgramData\Fenomen Games
2013-08-01 00:59 - 2013-05-21 22:26 - 00000000 ____D C:\ProgramData\Playrix Entertainment
2013-08-01 00:59 - 2013-01-23 18:59 - 00000000 ____D C:\ProgramData\Yahoo!
2013-08-01 00:59 - 2013-01-23 18:57 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-08-01 00:59 - 2013-01-22 21:18 - 00000000 ____D C:\ProgramData\AVG January 2013 Campaign
2013-08-01 00:59 - 2012-12-12 10:34 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-01 00:59 - 2012-09-10 21:20 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-08-01 00:59 - 2012-08-30 19:02 - 00000000 ____D C:\ProgramData\Real
2013-08-01 00:59 - 2012-08-20 22:04 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-08-01 00:59 - 2012-08-20 22:04 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-08-01 00:59 - 2012-07-17 22:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-01 00:59 - 2012-07-14 20:17 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-08-01 00:59 - 2012-05-03 08:04 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-01 00:59 - 2012-04-23 22:32 - 00000000 ____D C:\Users\Public\CyberLink
2013-08-01 00:59 - 2012-04-16 18:44 - 00000000 ____D C:\Program Files (x86)\Software Elements
2013-08-01 00:59 - 2012-04-04 18:50 - 00000000 ____D C:\ProgramData\PC Suite
2013-08-01 00:59 - 2012-04-04 18:49 - 00000000 ____D C:\ProgramData\Nokia
2013-08-01 00:59 - 2012-04-04 18:39 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-08-01 00:59 - 2012-02-10 17:16 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-08-01 00:59 - 2012-02-10 17:09 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-08-01 00:59 - 2011-10-21 01:34 - 00000000 ____D C:\ProgramData\Brother
2013-08-01 00:59 - 2011-10-21 01:23 - 00000000 ____D C:\ProgramData\McAfee
2013-08-01 00:59 - 2011-10-21 00:40 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2013-08-01 00:59 - 2011-10-21 00:39 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2013-08-01 00:59 - 2011-10-20 17:40 - 00000000 ____D C:\ProgramData\SPSS
2013-08-01 00:59 - 2011-10-20 16:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-01 00:59 - 2011-10-20 16:13 - 00000000 ____D C:\ProgramData\Sun
2013-08-01 00:59 - 2011-10-20 15:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-01 00:59 - 2011-10-20 15:47 - 00000000 ____D C:\ProgramData\Skype
2013-08-01 00:59 - 2011-10-20 15:45 - 00000000 ____D C:\ProgramData\Adobe
2013-08-01 00:59 - 2011-07-28 06:38 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-08-01 00:59 - 2011-07-28 06:03 - 00000000 ____D C:\ProgramData\WildTangent
2013-08-01 00:59 - 2011-07-28 06:03 - 00000000 ____D C:\ProgramData\Norton
2013-08-01 00:59 - 2011-07-28 05:58 - 00000000 ____D C:\ProgramData\WinClon
2013-08-01 00:59 - 2011-07-28 05:53 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2013-08-01 00:59 - 2011-07-28 05:49 - 00000000 ____D C:\ProgramData\SAMSUNG
2013-08-01 00:59 - 2011-07-28 05:41 - 00000000 ____D C:\ProgramData\CyberLink
2013-08-01 00:59 - 2011-07-28 05:41 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-08-01 00:59 - 2011-07-28 05:39 - 00000000 ____D C:\ProgramData\Atheros
2013-08-01 00:59 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-01 00:57 - 2013-07-28 09:43 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.5
2013-08-01 00:57 - 2013-05-21 22:24 - 00000000 ____D C:\Program Files (x86)\Playrix Entertainment
2013-08-01 00:57 - 2012-08-30 19:05 - 00000000 ____D C:\Program Files (x86)\Real
2013-08-01 00:57 - 2012-08-20 22:14 - 00000000 ____D C:\Program Files (x86)\PDF24
2013-08-01 00:57 - 2011-10-20 16:52 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-08-01 00:57 - 2011-10-20 16:09 - 00000000 ____D C:\Program Files (x86)\redist
2013-08-01 00:57 - 2011-10-20 16:09 - 00000000 ____D C:\Program Files (x86)\readmes
2013-08-01 00:57 - 2011-07-28 05:35 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-08-01 00:56 - 2013-07-29 13:02 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-01 00:56 - 2013-07-28 09:42 - 00000000 ____D C:\Program Files (x86)\BrowseForTheCause
2013-08-01 00:56 - 2013-07-19 22:36 - 00000000 ____D C:\Program Files (x86)\IObit
2013-08-01 00:56 - 2013-06-28 20:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-01 00:56 - 2013-06-06 23:15 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2013-08-01 00:56 - 2013-04-12 00:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-01 00:56 - 2012-08-26 13:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-01 00:56 - 2012-04-04 18:39 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-08-01 00:56 - 2012-04-02 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Sunbird
2013-08-01 00:56 - 2012-02-10 17:17 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-08-01 00:56 - 2011-10-21 01:42 - 00000000 ____D C:\Program Files (x86)\Brother
2013-08-01 00:56 - 2011-10-20 17:40 - 00000000 ____D C:\Program Files (x86)\IBM
2013-08-01 00:56 - 2011-10-20 17:24 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2013-08-01 00:56 - 2011-10-20 16:43 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-08-01 00:56 - 2011-10-20 16:14 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-01 00:56 - 2011-10-20 16:09 - 00000000 ____D C:\Program Files (x86)\licenses
2013-08-01 00:56 - 2011-10-20 16:09 - 00000000 ____D C:\Program Files (x86)\java
2013-08-01 00:56 - 2011-10-20 15:46 - 00000000 ____D C:\Program Files (x86)\Deskperience
2013-08-01 00:56 - 2011-07-28 05:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-01 00:56 - 2011-07-28 05:35 - 00000000 ____D C:\Program Files (x86)\Intel
2013-08-01 00:55 - 2013-06-16 15:32 - 00000000 ____D C:\Program Files\Tracker Software
2013-08-01 00:55 - 2012-02-10 17:11 - 00000000 ____D C:\Program Files (x86)\ASCOMP Software
2013-08-01 00:55 - 2011-10-20 17:36 - 00000000 ____D C:\Program Files\WinRAR
2013-08-01 00:55 - 2011-10-20 16:05 - 00000000 ____D C:\Program Files (x86)\AVG
2013-08-01 00:55 - 2011-07-28 06:36 - 00000000 ____D C:\Program Files\Windows Live
2013-08-01 00:55 - 2011-07-28 05:53 - 00000000 ____D C:\Program Files\Samsung AnyWeb Print
2013-08-01 00:55 - 2011-07-28 05:52 - 00000000 ____D C:\Program Files\Samsung
2013-08-01 00:55 - 2011-07-28 05:39 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-08-01 00:54 - 2013-08-01 00:49 - 00000000 ____D C:\Program Files\Elantech
2013-08-01 00:54 - 2013-06-28 20:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-01 00:54 - 2012-04-04 18:49 - 00000000 ____D C:\Program Files\DIFX
2013-08-01 00:54 - 2011-10-21 00:39 - 00000000 ____D C:\Program Files\Common Files\IBM
2013-08-01 00:54 - 2011-10-20 16:29 - 00000000 ____D C:\Program Files\CCleaner
2013-08-01 00:54 - 2011-07-28 05:40 - 00000000 ____D C:\Program Files\Broadcom
2013-08-01 00:54 - 2011-07-28 05:39 - 00000000 ____D C:\Program Files\Intel
2013-08-01 00:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Vorlagen
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Startmenü
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Netzwerkumgebung
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Lokale Einstellungen
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Eigene Dateien
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Druckumgebung
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Documents\Eigene Musik
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Documents\Eigene Bilder
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Local\Verlauf
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\AppData\Local\Anwendungsdaten
2013-08-01 00:51 - 2013-08-01 00:51 - 00000000 _SHDL C:\Users\schleppi\Anwendungsdaten
2013-08-01 00:50 - 2013-08-01 00:50 - 00001355 _____ C:\Windows\TSSysprep.log
2013-08-01 00:50 - 2013-08-01 00:50 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-01 00:50 - 2013-08-01 00:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-01 00:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-01 00:49 - 2013-08-01 00:49 - 00000000 ____D C:\Program Files\Realtek
2013-07-31 22:57 - 2013-07-29 20:03 - 00001890 _____ C:\Windows\diagwrn.xml
2013-07-31 22:57 - 2013-07-29 20:03 - 00001890 _____ C:\Windows\diagerr.xml
2013-07-31 16:10 - 2013-07-30 00:00 - 00012214 _____ C:\Windows\WindowsUpdate (1).log
2013-07-31 16:05 - 2013-07-29 16:31 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-31 16:04 - 2009-07-14 04:34 - 00000423 _____ C:\Windows\win.ini
2013-07-30 21:09 - 2013-07-30 21:12 - 00006288 _____ C:\Users\schleppi\Desktop\BITS.reg
2013-07-30 21:09 - 2013-07-30 21:12 - 00006176 _____ C:\Users\schleppi\Desktop\wuauserv.reg
2013-07-30 21:09 - 2013-07-30 21:12 - 00001680 _____ C:\Users\schleppi\Desktop\AFD.reg
2013-07-30 21:08 - 2013-07-30 21:12 - 00026406 _____ C:\Users\schleppi\Desktop\Dhcp.reg
2013-07-29 17:11 - 2013-07-29 17:11 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SCHLEPPI-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-07-29 17:10 - 2013-07-29 17:10 - 00000000 ____D C:\RegBackup
2013-07-29 16:38 - 2013-07-29 16:38 - 00006576 ____N C:\bootsqm.dat
2013-07-29 14:07 - 2012-11-25 11:14 - 00000000 ____D C:\Program Files (x86)\Wise
2013-07-29 12:57 - 2013-07-29 13:00 - 02347384 _____ (ESET) C:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe
2013-07-29 12:57 - 2013-07-29 13:00 - 00891098 _____ C:\Users\schleppi\Desktop\SecurityCheck.exe
2013-07-29 12:56 - 2013-07-29 13:00 - 00357145 _____ (Farbar) C:\Users\schleppi\Desktop\FSS.exe
2013-07-29 08:05 - 2013-07-28 19:11 - 00000408 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2013-07-28 19:11 - 2013-07-28 19:11 - 00003224 _____ C:\Windows\System32\Tasks\Wise Turbo Checker
2013-07-28 19:11 - 2013-07-28 19:11 - 00002860 _____ C:\Windows\System32\Tasks\Wise Care 365
2013-07-28 18:24 - 2013-07-28 18:24 - 00046379 _____ C:\AdwCleaner[S1].txt
2013-07-28 18:21 - 2013-07-28 18:21 - 00561198 _____ (Oleg N. Scherbakov) C:\Users\schleppi\Desktop\JRT.exe
2013-07-28 18:19 - 2013-07-28 18:19 - 00666633 _____ C:\Users\schleppi\Desktop\adwcleaner.exe
2013-07-28 10:16 - 2013-07-28 10:16 - 00072575 _____ C:\ComboFix.txt
2013-07-28 10:16 - 2013-07-28 09:45 - 00000000 ____D C:\Qoobox
2013-07-28 09:56 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-28 09:43 - 2013-07-28 09:43 - 00004234 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-codedownloader
2013-07-28 09:43 - 2013-07-28 09:43 - 00004230 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-updater
2013-07-28 09:43 - 2013-07-28 09:43 - 00004134 _____ C:\Windows\System32\Tasks\Plus-HD-2.5-enabler
2013-07-28 09:42 - 2013-07-28 09:42 - 00001236 _____ C:\Users\schleppi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-27 23:42 - 2013-07-27 23:42 - 01780815 _____ (Farbar) C:\Users\schleppi\Desktop\FRST64.exe
2013-07-27 23:42 - 2013-07-27 23:42 - 00000000 ____D C:\FRST
2013-07-22 18:40 - 2013-02-28 19:41 - 00000472 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2013-07-19 22:36 - 2013-07-19 22:36 - 00003222 _____ C:\Windows\System32\Tasks\Driver Booster Scan
2013-07-19 22:36 - 2013-07-19 22:36 - 00003220 _____ C:\Windows\System32\Tasks\Driver Booster Update
2013-07-19 22:36 - 2013-07-19 22:36 - 00002582 _____ C:\Windows\System32\Tasks\Driver Booster Startup
2013-07-13 16:27 - 2012-08-26 13:12 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 16:27 - 2012-08-26 13:12 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 19:40 - 2012-08-30 19:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-11 19:39 - 2012-08-30 19:22 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-11 19:39 - 2012-08-30 19:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 00:45

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2013 04
Ran by schleppi at 2013-08-01 07:13:22
Running from C:\Users\schleppi\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Atheros Client Installation Program (x32 Version: 9.0)
AVG 2013 (Version: 13.0.3209)
AVG 2013 (Version: 13.0.3349)
AVG 2013 (Version: 2013.0.3349)
AVG PC Tuneup 2011 (x32)
BatteryLifeExtender (x32 Version: 1.0.11)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Brother MFL-Pro Suite MFC-255CW (x32 Version: 1.0.1.0)
Browse for the Cause (x32)
CCleaner (Version: 3.21)
D3DX10 (x32 Version: 15.4.2368.0902)
DBView Element 2005 (x32 Version: 4.0)
dows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Driver Booster (x32 Version: Beta 2.0)
Dropbox (HKCU Version: 2.0.22)
Easy Content Share (x32 Version: 1.0)
Easy Display Manager (x32 Version: 3.2)
Easy Migration (x32 Version: 1.0)
Easy Network Manager (x32 Version: 4.4.7)
Easy SpeedUp Manager (x32 Version: 2.1.1.1)
EasyBatteryManager (x32 Version: 4.0.0.4)
EasyFileShare (x32 Version: 1.0.12)
ESET Online Scanner v3 (x32)
ETDWare PS/2-X64 10.7.14.12_WHQL (Version: 10.7.14.12)
Fast Start (x32 Version: 2.2.0.1)
Fishdom 2 Deluxe (x32)
Free Studio version 5.3.3 (x32)
Free YouTube to MP3 Converter version 3.11.35.1031 (x32 Version: 3.11.35.1031)
FreeMind (x32 Version: 0.9.0_RC_10)
Google Update Helper (x32 Version: 1.3.21.153)
Intel PROSet Wireless (x32)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.5.1001)
Java Auto Updater (x32 Version: 2.1.9.0)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Movie Color Enhancer (x32 Version: 1.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Multimedia POP (x32 Version: 1.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
PC Connectivity Solution (x32 Version: 12.0.109.0)
PDF24 Creator 5.2.0 (x32)
PDF-Viewer (Version: 2.5.210.0)
PhoneShare (x32 Version: 9.1.4)
Plus-HD-2.5 (x32 Version: 1.27.153.5)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6400)
Samsung AnyWeb Print (x32 Version: 2.0.67.1)
Samsung Printer Live Update (x32)
Samsung Recovery Solution 5 (x32 Version: 5.0.1.0)
Samsung Support Center (x32 Version: 1.1.24)
Samsung Universal Print Driver (x32 Version: 2.02.05.00:27)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
Samsung Update Plus (x32 Version: 3.0.0.17)
Skype™ 4.2 (x32 Version: 4.2.169)
Synchredible (x32 Version: 4.0.0.5)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
User Guide (x32 Version: 1.6)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.2 (x32 Version: 2.0.2)
Vuze (x32 Version: 5.0.0.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3508.1109)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
WinRAR 4.00 (64-Bit) (Version: 4.00.0)
WordCaptureX Pro (x32 Version: 4.0.0)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

31-07-2013 23:35:37 Windows Update
01-08-2013 04:38:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-28 09:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {025A0E68-F036-467F-9553-F2C8F9FD91BA} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {062A5F82-BAFF-4AE1-AEA8-9EBB819E6561} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)
Task: {07B13C30-5A10-4756-B40E-D04632AF8EC3} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {07EF1EEC-8A79-4303-864E-7520287E8FDB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-07-17] (IObit)
Task: {0A91FBA5-96FE-4196-972D-E44CCC71A768} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {0AA78EFD-EA4E-4C03-9691-5855AE596C69} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {0FADA576-25F9-40F3-A9FD-5F00088303AA} - System32\Tasks\Driver Booster Startup => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2013-07-17] (IObit)
Task: {11D935D9-676C-44E4-BB96-FAA163882110} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {250B4C9C-B47D-4B0D-A4D5-F7DF6A12DA90} - System32\Tasks\Synchredible-schleppi => C:\Program Files (x86)\ASCOMP Software\Synchredible\synchredible.exe [2013-01-31] (ASCOMP Software GmbH)
Task: {3BE0B2FB-3DB8-4B06-A799-77B71757DBAF} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {4A0789F8-DADB-4675-83DE-5319E88315E9} - System32\Tasks\Plus-HD-2.5-codedownloader => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [2013-07-28] (Plus HD)
Task: {4C13C545-CC5D-4E5D-9C50-969215675D1D} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {5A6CCA2E-0505-4408-AC4C-D30F0CD55D4C} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe No File
Task: {5F956975-F718-4BD1-95FF-0D56C37E7119} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {703E4EC8-B7F6-4A0D-AB25-6269B4059E61} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {763A2B7B-6FFC-4568-8D0E-4F14CD53584A} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {7BD3816D-8E54-4926-9F66-7AD5BD0F11F8} - System32\Tasks\Plus-HD-2.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-firefoxinstaller.exe [2013-07-28] (Plus HD)
Task: {810BAD61-35F0-4982-BD9A-A584CA4AAA15} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2027592733-4161651481-1790285415-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {838FBF08-95EB-45D6-AD62-0CD3E5ADC9C9} - System32\Tasks\Plus-HD-2.5-enabler => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [2013-07-28] (Plus HD)
Task: {8B62AF8A-B95D-44FB-839A-8CF14A37C123} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {8C79300E-DF30-476A-8E90-4CEDB652CFCA} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {8EB1AA34-6AE2-4BA9-83B5-9923484245A8} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe No File
Task: {9793C63F-5F0D-4260-B559-D716A571374F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-07-17] (IObit)
Task: {9F2711AA-5D61-4A17-8937-937EB4C3F6CC} - System32\Tasks\BrowseForTheCauseUpdate => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe [2013-07-28] ()
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe No File
Task: {A2B37064-CE1B-46E8-B4D6-E597FE822F9F} - System32\Tasks\Plus-HD-2.5-updater => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [2013-07-28] (Plus HD)
Task: {BEF11CF5-B7C0-4BA1-B39D-E97B6EA2D365} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)
Task: {C00E7702-3342-4E08-877B-66882DB067B6} - System32\Tasks\Plus-HD-2.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [2013-07-28] (Plus HD)
Task: {C0B7810F-C442-42FF-B400-70ABDCC556BF} - System32\Tasks\User_Feed_Synchronization-{1534DA73-4149-4D86-BC64-A5F303CCEF9E} => C:\windows\system32\msfeedssync.exe [2010-11-21] (Microsoft Corporation)
Task: {C0D579B1-FCAF-4EEC-8B15-6A547768DEB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe No File
Task: {C7FE6C5C-69FF-4865-8F05-375B1515BEA9} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)
Task: {D35BCFE9-91F2-4A27-B486-85CE4E3265F0} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2027592733-4161651481-1790285415-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {E32F14BE-2FCE-44F8-96AA-DA303EDDA635} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe No File
Task: {E3E3A0CC-B5BC-447F-8972-573EDDA928B9} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)
Task: {E8FCA0E3-8F65-4045-861D-21B9D8886F8E} - \SidebarExecute No Task File
Task: {F008F492-3511-42B3-AB07-6FC0437EF6E7} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {F090C633-431A-4005-B2B7-EBDE3566F57B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Startup.job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-enabler.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.5-updater.job => C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Faulty Device Manager Devices =============

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Avgldx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2013 07:00:27 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2013 07:00:20 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2013 06:56:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 06:53:40 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2013 06:50:14 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2013 06:45:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 06:40:37 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/01/2013 06:40:37 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/01/2013 06:39:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2013 06:39:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/01/2013 06:55:10 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgldx64

Error: (08/01/2013 06:54:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 06:44:17 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgldx64

Error: (08/01/2013 06:44:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.

Error: (08/01/2013 01:41:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805256.


Microsoft Office Sessions:
=========================
Error: (08/01/2013 07:00:27 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2013 07:00:20 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2013 06:56:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 06:53:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2013 06:50:14 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2013 06:45:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 06:40:37 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/01/2013 06:40:37 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/01/2013 06:39:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2013 06:39:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\schleppi\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-07-28 09:55:14.706
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-28 09:55:14.579
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 8171.55 MB
Available physical RAM: 5649.56 MB
Total Pagefile: 16341.29 MB
Available Pagefile: 13816.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230 GB) (Free:136.52 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:342.28 GB) (Free:156.11 GB) NTFS (Disk=0 Partition=4)
Drive f: (DATEN!) (Removable) (Total:3.73 GB) (Free:3.47 GB) FAT32 (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 23C4F13B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=342 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=24 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
         
--- --- ---

01.08.2013, 09:33   #26
schrauber
/// the machine
/// TB-Ausbilder
 

Any other problems?

01.08.2013, 15:15   #27
troja12
 
Hi schrauber,
so is the trojan gone now??

01.08.2013, 21:23   #28
schrauber
/// the machine
/// TB-Ausbilder
 

Only leftovers remain, which I will take out in one go, but first I need to know whether you still have problems.

01.08.2013, 23:09   #29
troja12
 
hi hi,

I have internet again.
The only problems I can find right now are that it always shows my printer as offline, so nothing gets transferred/printed,
and it takes quite a long time to boot and to load/open programs.
I'm running AVG TuneUp right now, maybe that will settle it down.
All the Win7 updates are already installed, all drivers are up to date (says Driver Booster).
Otherwise nothing conspicuous so far. Thanks

Found the printer again.
The computer is still a bit slow... but it works...

02.08.2013, 11:17   #30
schrauber
/// the machine
/// TB-Ausbilder
 

Then post a fresh FRST log after the AVG run.
