Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Bei Win7 Start Fehlermeldung RundDLL.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.11.2013, 08:36   #1
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Hallo folgender Fehler taucht seit 13.11.2013 ständig auf wenn Win7 die Programme hochfahren tut.

RundDLL
Problem beim Starten von
C:\User\Alexander\AppData\Local\Comduit\BackgroundContainer\BackgroundContainer.dll
Das angegebene Modul wurde nicht gefunden.

Der RundDLL taucht immer auf wenn ich folgendes tue:
PC anschalte oder neu Start ausführe darauf ihn Kommt ja das Windows Logo dann Passwort abfrage und zum guten Schluss ladet er die Programme . Und genau da kommt die RundDLL Meldung direkt als erstens. Wenn ich die Meldung weg Tücke lauft der PC ganz normal.

Ich hoffe das ich das Problem gut beschrieben habe für ein Otto normal Verbraucher.

Ich hoffe ihr könnt mir helfen .
MfG

Alt 16.11.2013, 10:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 16.11.2013, 10:32   #3
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



FRST.txt:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Alexander (administrator) on F-STAUDT-PC on 16-11-2013 08:10:01
Running from C:\Users\Alexander\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Akamai Technologies, Inc.) C:\Users\Alexander\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Sysinternals - www.sysinternals.com) C:\Users\Alexander\AppData\Local\Temp\Rar$EX76.824\Desktops.exe
(Windows Net) C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
() C:\Program Files (x86)\Hilfe Assistent\Hilfe_Assistent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Akamai Technologies, Inc.) C:\Users\Alexander\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-25] (AMD)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Alexander\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Run: [Sysinternals Desktops] - C:\Users\Alexander\AppData\Local\Temp\Rar$EX76.824\Desktops.exe [116824 2012-10-17] (Sysinternals - www.sysinternals.com) <===== ATTENTION
HKCU\...\Runonce: [Uninstall C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKCU\...\Runonce: [Uninstall C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKCU\...\Runonce: [Uninstall C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKCU\...\Runonce: [Uninstall C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [RestrictRun] 0
HKCU\...\Policies\Explorer: [DisallowRun] 1
MountPoints2: {4a269697-76c2-11e2-a0e5-806e6f6e6963} - E:\HTC_Sync_Manager_PC.exe
MountPoints2: {d891e1e6-5f61-11e0-ab2c-1c6f655e2e14} - I:\LaunchU3.exe -a
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Hilfe Assistent] - C:\Program Files (x86)\Hilfe Assistent\Hilfe_Assistent.exe [17299264 2013-05-24] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Smart File Advisor] - C:\Program Files (x86)\Smart File Advisor\sfa.exe [280824 2011-04-04] (Filefacts.net)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [MWS Reader 5] - C:\Program Files (x86)\MWS Reader 5\mwsr5.exe [13211648 2013-09-11] (directINNOVATION UG (haftungsbeschränkt))
HKU\Kinder\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-25] (AMD)
HKU\Kinder\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe /autorun
HKU\Kinder\...\Run: [SymphonyPreLoad] - "C:\Program Files (x86)\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\IBM Lotus Symphony" -nogui -nosplash
HKU\Kinder\...\Policies\system: [DisableLockWorkstation] 0
HKU\Kinder\...\Policies\system: [DisableClock] 0
HKU\Kinder\...\Policies\system: [LogonHoursAction] 2
HKU\Kinder\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IMEO\htcsyncmanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\tomtomhome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x44CDAB93487BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN10865843413209230&UM=2&ctid=CT3306061
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {2BACA8CB-0A13-463D-825A-40382E6B998B} URL = 
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1382047200000.000009&tguid=66920-6787-1382100463757-7268356F843C1D610785E3AC78AC2BD4&q={searchTerms}
SearchScopes: HKCU - DefaultScope {2BACA8CB-0A13-463D-825A-40382E6B998B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN10865843413209230&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {07A6CF4E-3E9D-4361-9978-71E75A29AAC1} URL = 
SearchScopes: HKCU - {2BACA8CB-0A13-463D-825A-40382E6B998B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN10865843413209230&UM=2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {70844FA2-EA47-4B43-931A-431F6417244C} URL = 
SearchScopes: HKCU - {A72ED1C9-598F-4D4A-85ED-A92ED580699B} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022&r=681
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} -  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll ()
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678
FF user.js: detected! => C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\user.js
FF DefaultSearchEngine: Connect DLC 5 Customized Web Search
FF SelectedSearchEngine: Connect DLC 5 Customized Web Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN14192292661832525&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\amazon-icon@giga.de
FF Extension: pricealarm - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Spartipps von SparPilot.com - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\sparpilot@sparpilot.com
FF Extension: RadioTotal1  - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{422f7661-9403-4da4-b4ef-cc3e268817b5}
FF Extension: Connect DLC 5  - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
FF Extension: prefs - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{1909da52-730a-4e17-922a-6820837f68de}.xpi
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{f2e20f61-9542-4a93-9391-448d442575cc}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: () - C:\Users\ALEXAN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Alexander\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-04] (Akamai Technologies, Inc.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-05-21] (Nero AG)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132056 2012-07-17] (Symantec Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-16 08:10 - 2013-11-16 08:10 - 00024872 _____ C:\Users\Alexander\Downloads\FRST.txt
2013-11-16 08:09 - 2013-11-16 08:09 - 01957794 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2013-11-16 08:09 - 2013-11-16 08:09 - 00000000 ____D C:\FRST
2013-11-16 08:07 - 2013-11-16 08:08 - 00000480 _____ C:\Users\Alexander\Downloads\defogger_disable.log
2013-11-16 08:07 - 2013-11-16 08:07 - 00050477 _____ C:\Users\Alexander\Downloads\Defogger.exe
2013-11-16 08:07 - 2013-11-16 08:07 - 00000000 _____ C:\Users\Alexander\defogger_reenable
2013-11-16 07:58 - 2013-11-16 07:58 - 00001532 _____ C:\windows\PFRO.log
2013-11-16 07:58 - 2013-11-16 07:58 - 00000056 _____ C:\windows\setupact.log
2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 _____ C:\windows\setuperr.log
2013-11-15 12:56 - 2013-11-15 13:06 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-11-15 12:56 - 2013-11-15 12:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\ParetoLogic
2013-11-15 12:56 - 2013-11-15 12:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\DriverCure
2013-11-15 09:24 - 2013-11-16 07:59 - 00003250 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-13 15:26 - 2013-11-13 15:26 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\appthology.net
2013-11-13 13:56 - 2013-11-13 13:57 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MediaMan
2013-11-13 12:31 - 2013-11-13 12:31 - 00003394 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-13 12:22 - 2013-11-13 12:25 - 00000736 _____ C:\windows\SysWOW64\ImageCaptureSuite.lic
2013-11-13 12:22 - 2013-11-13 12:22 - 00000052 _____ C:\windows\SysWOW64\ds_icsdr_f.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-12 22:58 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2013-11-12 22:58 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-12 22:58 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-12 22:58 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2013-11-12 22:58 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2013-11-12 22:58 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2013-11-12 22:58 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2013-11-12 22:58 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2013-11-12 22:58 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2013-11-12 22:58 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2013-11-12 22:58 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2013-11-12 22:58 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2013-11-12 22:58 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2013-11-12 22:58 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2013-11-12 22:58 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2013-11-12 22:58 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2013-11-12 22:58 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-11-12 22:58 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-11-12 22:53 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-12 22:53 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-12 22:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-12 22:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-12 22:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-12 22:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 22:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-12 22:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-12 22:53 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-12 22:53 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-12 22:53 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-12 22:53 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-12 22:53 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-12 22:53 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-12 22:53 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-12 22:53 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-12 22:53 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-12 22:53 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-12 22:53 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-12 22:51 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-12 22:51 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-12 22:51 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-12 22:51 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-12 22:51 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 22:51 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-12 22:51 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-09 17:49 - 2013-11-09 17:49 - 00000000 ____D C:\Users\Alexander\Downloads\CRMadar
2013-11-09 17:36 - 2013-11-09 17:36 - 00001106 _____ C:\Users\Kinder\Desktop\Zeiterfassung.lnk
2013-11-09 17:36 - 2013-11-09 17:36 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\IT-Service Christian Hau (www.a-bit-more.de)
2013-11-09 17:29 - 2013-11-09 17:34 - 00000000 ____D C:\Users\Alexander\AppData\Local\Deployment
2013-11-09 17:29 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Apps\2.0
2013-11-09 15:15 - 2013-11-09 15:15 - 00000089 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-11-09 15:14 - 2013-11-09 15:18 - 00000000 ____D C:\Program Files (x86)\EasyFirma
2013-11-09 15:04 - 2013-11-13 15:27 - 00000000 ____D C:\Users\Alexander\AppData\Local\Conduit
2013-11-09 15:04 - 2013-11-13 12:31 - 00000000 ____D C:\ProgramData\Conduit
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\WoAx-IT
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-09 15:03 - 2013-11-13 12:41 - 00000000 _____ C:\end
2013-11-09 15:03 - 2013-11-09 17:46 - 00000000 ____D C:\Users\Alexander\AppData\Local\DownloadGuide
2013-11-09 14:50 - 2013-11-09 14:50 - 00000000 ____D C:\Program Files (x86)\FutureCode
2013-11-09 09:07 - 2013-11-14 19:45 - 00000000 ____D C:\Users\Alexander\AppData\Local\FutureCode
2013-11-09 09:07 - 2013-11-14 19:45 - 00000000 ____D C:\ProgramData\firebird
2013-11-09 09:06 - 2013-11-09 14:50 - 00000000 ____D C:\Users\Public\Documents\FutureCode
2013-11-09 09:06 - 2013-11-09 09:06 - 06399352 _____ (                                                            ) C:\Users\Alexander\Downloads\cassandra_setup.exe
2013-11-06 16:40 - 2013-11-06 16:40 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\simplitec
2013-11-06 15:24 - 2013-11-06 15:24 - 00001172 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2013 Premium.lnk
2013-11-06 13:54 - 2013-11-06 13:54 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicEditor
2013-11-06 13:52 - 2013-11-06 13:52 - 00000000 ____D C:\ProgramData\simplitec
2013-11-06 13:45 - 2013-11-06 13:45 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Windows Net Data
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\ChromeExtensions
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempcd836cd86b6a58a7710ad2c090db7860
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Temp6c805cd7a53f3698b5c0466f4ab6d0bb
2013-11-06 13:43 - 2013-11-06 13:43 - 00669952 _____ C:\Users\Alexander\Downloads\MAGIX-Music-Maker-2013-Premium-Setup.exe
2013-11-06 00:53 - 2013-11-06 00:53 - 00000000 ____D C:\Users\Alexander\Documents\PC Speed Maximizer
2013-11-06 00:49 - 2013-11-06 20:53 - 00000000 ____D C:\windows\Lhsp
2013-11-06 00:49 - 2013-11-06 00:52 - 00000000 ____D C:\Users\Alexander\AppData\Local\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:51 - 00000000 ____D C:\Program Files (x86)\Virtual Voice
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\Documents\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\cache
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\.android
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 _____ C:\Users\Alexander\daemonprocess.txt
2013-11-06 00:48 - 2013-11-06 00:52 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-11-06 00:47 - 2013-11-06 00:47 - 01128896 _____ (Conduit) C:\Users\Alexander\Downloads\vvoiceDEU_trial.exe
2013-11-06 00:35 - 2013-11-06 00:35 - 00001251 _____ C:\Users\Public\Desktop\MWS Reader 5.lnk
2013-11-06 00:34 - 2013-11-06 00:37 - 00000000 ____D C:\Program Files (x86)\MWS Reader 5
2013-11-06 00:33 - 2013-11-06 00:33 - 63070500 _____ (directINNOVATION UG (haftungsbeschränkt)                    ) C:\Users\Alexander\Downloads\mwsr5_setup.exe
2013-11-05 22:14 - 2013-11-05 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 08:31 - 2013-11-16 07:59 - 00003376 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-04 16:59 - 2013-11-04 16:59 - 00000000 ____D C:\Users\Firma\AppData\Local\mquadr.at
2013-11-04 15:37 - 2013-11-04 15:37 - 00153656 _____ C:\Users\Firma\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 15:36 - 2013-11-04 15:36 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Avira
2013-11-04 15:33 - 2013-11-04 15:33 - 00000000 ____D C:\Users\Firma\AppData\Roaming\RealNetworks
2013-11-04 15:31 - 2013-11-04 15:31 - 00001392 _____ C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Mozilla
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Apple Computer
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Adobe
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Local\Mozilla
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Local\DTAG
2013-11-04 15:30 - 2013-11-04 15:31 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-04 15:30 - 2013-11-04 15:31 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-04 15:30 - 2013-11-04 15:30 - 00000306 __RSH C:\Users\Firma\ntuser.pol
2013-11-04 15:30 - 2013-11-04 15:30 - 00000020 ___SH C:\Users\Firma\ntuser.ini
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Vorlagen
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Startmenü
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Netzwerkumgebung
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Lokale Einstellungen
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Eigene Dateien
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Druckumgebung
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Documents\Eigene Musik
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Documents\Eigene Bilder
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Local\Verlauf
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Local\Anwendungsdaten
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Anwendungsdaten
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\Users\Firma\AppData\Local\VirtualStore
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\Users\Firma
2013-11-04 15:30 - 2013-07-23 06:53 - 00000000 ____D C:\Users\Firma\AppData\Local\Microsoft Help
2013-11-04 15:30 - 2013-04-02 10:28 - 00002131 _____ C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-04 15:30 - 2012-05-03 16:34 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Macromedia
2013-11-04 15:30 - 2009-10-30 11:21 - 00001304 _____ C:\Users\Firma\Desktop\Backup and Restore Center.lnk
2013-11-04 15:30 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-04 15:30 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-04 15:30 - 2008-11-14 14:28 - 00000197 _____ C:\Users\Firma\Desktop\Hyrican - Newsletter.url
2013-11-04 14:19 - 2013-11-04 14:19 - 00003548 _____ C:\windows\System32\Tasks\Moo0 Multi-Desktop 1.17
2013-11-04 14:19 - 2013-11-04 14:19 - 00000000 ____D C:\Program Files (x86)\Moo0
2013-11-04 14:15 - 2013-11-04 14:15 - 00062409 _____ C:\Users\Alexander\Downloads\Desktops.zip
2013-11-03 13:06 - 2013-11-03 13:06 - 00000000 ___RD C:\Users\Alexander\Documents\Notes
2013-11-01 16:55 - 2013-11-13 08:40 - 00000000 ____D C:\Users\Alexander\Desktop\Selbständig
2013-10-26 15:44 - 2013-10-26 15:44 - 00121232 _____ C:\Users\Alexander\Documents\InstallLogs.zip
2013-10-26 15:38 - 2013-11-06 15:25 - 00000000 ___RD C:\Users\Alexander\Documents\MAGIX
2013-10-26 15:38 - 2013-11-06 15:24 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2013-10-26 14:11 - 2013-11-06 13:33 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicMaker15_for_MySpace
2013-10-26 14:11 - 2007-04-18 21:07 - 00053248 _____ C:\windows\SysWOW64\mgxasio2.dll
2013-10-26 14:10 - 2013-11-06 13:33 - 00000000 ____D C:\windows\SysWOW64\MAGIX
2013-10-26 14:10 - 2013-10-26 14:11 - 00007119 _____ C:\windows\mgxoschk.ini
2013-10-26 14:10 - 2008-04-15 14:14 - 00700416 _____ (MAGIX AG) C:\windows\SysWOW64\mgxoschk.dll
2013-10-26 14:08 - 2013-10-26 14:09 - 113401776 _____ (MAGIX AG) C:\Users\Alexander\Downloads\music_maker_4_myspace_106mb_d_en(1).exe
2013-10-26 14:06 - 2013-11-06 15:25 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MAGIX
2013-10-26 14:05 - 2013-10-26 14:05 - 02878664 _____ (MAGIX AG) C:\Users\Alexander\Downloads\trial_musicmaker2014_dlm.exe
2013-10-25 08:16 - 2013-10-25 08:16 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-10-23 08:37 - 2013-10-23 08:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-23 08:37 - 2013-10-23 08:38 - 00000000 ____D C:\Program Files\iTunes
2013-10-23 08:37 - 2013-10-23 08:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-23 08:37 - 2013-10-23 08:37 - 00000000 ____D C:\Program Files\iPod
2013-10-22 14:29 - 2013-10-22 14:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Avg2014
2013-10-22 13:59 - 2013-10-22 14:00 - 00000000 ____D C:\AdwCleaner
2013-10-19 18:11 - 2013-10-19 18:11 - 00000806 _____ C:\Users\Alexander\.recently-used.xbel
2013-10-19 15:45 - 2013-10-19 15:45 - 00000000 ____D C:\Users\Alexander\AppData\Local\SplitMediaLabs
2013-10-19 15:44 - 2013-10-19 15:44 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\SplitMediaLabs
2013-10-19 15:41 - 2013-10-19 15:44 - 39727728 _____ (SplitMediaLabs) C:\Users\Alexander\Downloads\xsplit_installer_v1.3.1310.1103.exe
2013-10-18 14:30 - 2013-10-18 14:33 - 00000000 ____D C:\Program Files (x86)\pdf24
2013-10-18 14:30 - 2013-10-18 14:30 - 00000000 ____D C:\Users\Alexander\AppData\Local\FileMaker
2013-10-18 14:27 - 2013-10-18 14:34 - 00000000 ____D C:\Users\Alexander\Documents\HR-SoftCom
2013-10-18 14:27 - 2013-10-18 14:27 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\vlc
2013-10-18 14:09 - 2013-10-18 14:09 - 24278649 _____ C:\Users\Alexander\Downloads\vlc-2.1.0-win32.exe
2013-10-18 14:01 - 2013-10-18 14:01 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Buhl Data Service GmbH
2013-10-18 13:52 - 2013-10-18 13:52 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Buhl Data Service
2013-10-18 13:51 - 2013-10-18 13:52 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-10-18 13:50 - 2013-10-18 13:50 - 00000000 ____D C:\Users\Alexander\AppData\Local\Buhl Data Service
2013-10-18 13:48 - 2013-08-13 07:38 - 00032328 _____ C:\windows\Launcher.exe
2013-10-18 13:36 - 2013-10-19 08:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-18 13:36 - 2013-10-19 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-18 09:49 - 2013-10-18 09:49 - 00000082 _____ C:\windows\odbc_merge.INI
2013-10-18 09:40 - 2013-11-13 09:09 - 00000000 ____D C:\Users\Alexander\Documents\Taxpool-Buchhalter
2013-10-18 09:39 - 2013-10-18 09:40 - 00000000 ____D C:\Program Files (x86)\Taxpool-Buchhalter
2013-10-18 09:38 - 2013-10-18 09:38 - 60295696 _____ C:\Users\Alexander\Downloads\taxpool_buchhalter_mini_installation.exe
2013-10-18 09:30 - 2013-10-18 09:30 - 00002267 _____ C:\Users\Alexander\Documents\Neue Datenbank1.odb
2013-10-17 13:56 - 2013-10-17 13:56 - 00004857 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 13:56 - 2013-10-17 13:56 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 13:56 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 13:56 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-10-17 13:56 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-10-17 13:56 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-10-17 13:54 - 2013-10-17 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Alexander\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2013-11-16 08:10 - 2013-11-16 08:10 - 00024872 _____ C:\Users\Alexander\Downloads\FRST.txt
2013-11-16 08:09 - 2013-11-16 08:09 - 01957794 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2013-11-16 08:09 - 2013-11-16 08:09 - 00000000 ____D C:\FRST
2013-11-16 08:08 - 2013-11-16 08:07 - 00000480 _____ C:\Users\Alexander\Downloads\defogger_disable.log
2013-11-16 08:07 - 2013-11-16 08:07 - 00050477 _____ C:\Users\Alexander\Downloads\Defogger.exe
2013-11-16 08:07 - 2013-11-16 08:07 - 00000000 _____ C:\Users\Alexander\defogger_reenable
2013-11-16 08:07 - 2012-08-16 12:19 - 00000000 ____D C:\Users\Alexander
2013-11-16 08:07 - 2009-07-14 05:45 - 00018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-16 08:07 - 2009-07-14 05:45 - 00018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-16 08:04 - 2011-03-28 07:06 - 01460937 _____ C:\windows\WindowsUpdate.log
2013-11-16 07:59 - 2013-11-15 09:24 - 00003250 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-16 07:59 - 2013-11-05 08:31 - 00003376 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-16 07:58 - 2013-11-16 07:58 - 00001532 _____ C:\windows\PFRO.log
2013-11-16 07:58 - 2013-11-16 07:58 - 00000056 _____ C:\windows\setupact.log
2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 _____ C:\windows\setuperr.log
2013-11-16 07:58 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-15 19:45 - 2012-04-11 08:18 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 18:52 - 2012-08-16 13:38 - 00000000 ___RD C:\Users\Alexander\Desktop\Wichtige Programme PC
2013-11-15 18:50 - 2012-12-07 16:21 - 00000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps
2013-11-15 18:50 - 2011-01-18 08:18 - 00000000 ____D C:\windows\Panther
2013-11-15 18:21 - 2009-07-14 05:54 - 00000749 ___RH C:\windows\WindowsShell.Manifest
2013-11-15 18:21 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-15 13:06 - 2013-11-15 12:56 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-11-15 12:56 - 2013-11-15 12:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\ParetoLogic
2013-11-15 12:56 - 2013-11-15 12:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\DriverCure
2013-11-14 19:45 - 2013-11-09 09:07 - 00000000 ____D C:\Users\Alexander\AppData\Local\FutureCode
2013-11-14 19:45 - 2013-11-09 09:07 - 00000000 ____D C:\ProgramData\firebird
2013-11-13 15:27 - 2013-11-09 15:04 - 00000000 ____D C:\Users\Alexander\AppData\Local\Conduit
2013-11-13 15:26 - 2013-11-13 15:26 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\appthology.net
2013-11-13 13:57 - 2013-11-13 13:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MediaMan
2013-11-13 12:41 - 2013-11-09 15:03 - 00000000 _____ C:\end
2013-11-13 12:31 - 2013-11-13 12:31 - 00003394 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-13 12:31 - 2013-11-09 15:04 - 00000000 ____D C:\ProgramData\Conduit
2013-11-13 12:25 - 2013-11-13 12:22 - 00000736 _____ C:\windows\SysWOW64\ImageCaptureSuite.lic
2013-11-13 12:22 - 2013-11-13 12:22 - 00000052 _____ C:\windows\SysWOW64\ds_icsdr_f.dll
2013-11-13 12:22 - 2013-06-29 15:22 - 00000000 ____D C:\windows\Downloaded Installations
2013-11-13 10:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2013-11-13 09:09 - 2013-10-18 09:40 - 00000000 ____D C:\Users\Alexander\Documents\Taxpool-Buchhalter
2013-11-13 08:40 - 2013-11-01 16:55 - 00000000 ____D C:\Users\Alexander\Desktop\Selbständig
2013-11-12 23:31 - 2012-08-16 12:19 - 00001304 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 23:27 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-12 22:59 - 2013-11-12 22:59 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-12 22:58 - 2011-08-31 10:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 22:57 - 2013-07-20 07:46 - 00000000 ____D C:\windows\system32\MRT
2013-11-12 22:55 - 2011-01-18 13:24 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-10 10:02 - 2011-04-05 13:33 - 01595546 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-10 10:02 - 2009-07-14 18:58 - 00699760 _____ C:\windows\system32\perfh007.dat
2013-11-10 10:02 - 2009-07-14 18:58 - 00150086 _____ C:\windows\system32\perfc007.dat
2013-11-10 10:02 - 2009-07-14 06:13 - 01595546 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-09 17:49 - 2013-11-09 17:49 - 00000000 ____D C:\Users\Alexander\Downloads\CRMadar
2013-11-09 17:46 - 2013-11-09 15:03 - 00000000 ____D C:\Users\Alexander\AppData\Local\DownloadGuide
2013-11-09 17:36 - 2013-11-09 17:36 - 00001106 _____ C:\Users\Kinder\Desktop\Zeiterfassung.lnk
2013-11-09 17:36 - 2013-11-09 17:36 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\IT-Service Christian Hau (www.a-bit-more.de)
2013-11-09 17:34 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Deployment
2013-11-09 17:29 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Apps\2.0
2013-11-09 15:18 - 2013-11-09 15:14 - 00000000 ____D C:\Program Files (x86)\EasyFirma
2013-11-09 15:18 - 2012-02-08 13:20 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin
2013-11-09 15:15 - 2013-11-09 15:15 - 00000089 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\WoAx-IT
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-09 14:50 - 2013-11-09 14:50 - 00000000 ____D C:\Program Files (x86)\FutureCode
2013-11-09 14:50 - 2013-11-09 09:06 - 00000000 ____D C:\Users\Public\Documents\FutureCode
2013-11-09 09:06 - 2013-11-09 09:06 - 06399352 _____ (                                                            ) C:\Users\Alexander\Downloads\cassandra_setup.exe
2013-11-06 20:53 - 2013-11-06 00:49 - 00000000 ____D C:\windows\Lhsp
2013-11-06 16:40 - 2013-11-06 16:40 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\simplitec
2013-11-06 16:40 - 2012-08-16 12:19 - 00154048 _____ C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-06 16:39 - 2009-07-14 05:45 - 00518408 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-06 16:38 - 2013-02-01 15:05 - 00000000 ____D C:\Users\Alexander\AppData\Local\MWSReader
2013-11-06 15:25 - 2013-10-26 15:38 - 00000000 ___RD C:\Users\Alexander\Documents\MAGIX
2013-11-06 15:25 - 2013-10-26 14:06 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MAGIX
2013-11-06 15:24 - 2013-11-06 15:24 - 00001172 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2013 Premium.lnk
2013-11-06 15:24 - 2013-10-26 15:38 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2013-11-06 15:23 - 2011-06-07 21:29 - 00000000 ____D C:\ProgramData\MAGIX
2013-11-06 15:23 - 2011-06-07 21:28 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-11-06 13:54 - 2013-11-06 13:54 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicEditor
2013-11-06 13:54 - 2011-06-07 21:28 - 00120200 _____ () C:\windows\SysWOW64\DLLDEV32i.dll
2013-11-06 13:52 - 2013-11-06 13:52 - 00000000 ____D C:\ProgramData\simplitec
2013-11-06 13:52 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2013-11-06 13:45 - 2013-11-06 13:45 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Windows Net Data
2013-11-06 13:45 - 2013-01-13 14:03 - 00000000 ____D C:\Users\Alexander\AppData\Local\Google
2013-11-06 13:45 - 2012-08-16 12:19 - 00000000 ___RD C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\ChromeExtensions
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempcd836cd86b6a58a7710ad2c090db7860
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Temp6c805cd7a53f3698b5c0466f4ab6d0bb
2013-11-06 13:43 - 2013-11-06 13:43 - 00669952 _____ C:\Users\Alexander\Downloads\MAGIX-Music-Maker-2013-Premium-Setup.exe
2013-11-06 13:33 - 2013-10-26 14:11 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicMaker15_for_MySpace
2013-11-06 13:33 - 2013-10-26 14:10 - 00000000 ____D C:\windows\SysWOW64\MAGIX
2013-11-06 10:11 - 2012-08-16 12:19 - 00000000 ____D C:\Users\Alexander\AppData\Local\VirtualStore
2013-11-06 09:05 - 2013-02-25 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-06 00:53 - 2013-11-06 00:53 - 00000000 ____D C:\Users\Alexander\Documents\PC Speed Maximizer
2013-11-06 00:52 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\Mobogenie
2013-11-06 00:52 - 2013-11-06 00:48 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-11-06 00:51 - 2013-11-06 00:49 - 00000000 ____D C:\Program Files (x86)\Virtual Voice
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\Documents\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\cache
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\.android
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 _____ C:\Users\Alexander\daemonprocess.txt
2013-11-06 00:49 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Speech
2013-11-06 00:47 - 2013-11-06 00:47 - 01128896 _____ (Conduit) C:\Users\Alexander\Downloads\vvoiceDEU_trial.exe
2013-11-06 00:37 - 2013-11-06 00:34 - 00000000 ____D C:\Program Files (x86)\MWS Reader 5
2013-11-06 00:35 - 2013-11-06 00:35 - 00001251 _____ C:\Users\Public\Desktop\MWS Reader 5.lnk
2013-11-06 00:33 - 2013-11-06 00:33 - 63070500 _____ (directINNOVATION UG (haftungsbeschränkt)                    ) C:\Users\Alexander\Downloads\mwsr5_setup.exe
2013-11-05 22:15 - 2013-11-05 22:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 17:16 - 2012-08-16 13:37 - 00000000 ___RD C:\Users\Alexander\Desktop\Player
2013-11-04 17:15 - 2013-01-13 14:03 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-04 17:15 - 2012-08-16 15:34 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Mozilla
2013-11-04 17:00 - 2013-09-06 18:52 - 00000000 ____D C:\Program Files (x86)\DeskSpace
2013-11-04 16:59 - 2013-11-04 16:59 - 00000000 ____D C:\Users\Firma\AppData\Local\mquadr.at
2013-11-04 15:37 - 2013-11-04 15:37 - 00153656 _____ C:\Users\Firma\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 15:36 - 2013-11-04 15:36 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Avira
2013-11-04 15:33 - 2013-11-04 15:33 - 00000000 ____D C:\Users\Firma\AppData\Roaming\RealNetworks
2013-11-04 15:31 - 2013-11-04 15:31 - 00001392 _____ C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Mozilla
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Apple Computer
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Roaming\Adobe
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Local\Mozilla
2013-11-04 15:31 - 2013-11-04 15:31 - 00000000 ____D C:\Users\Firma\AppData\Local\DTAG
2013-11-04 15:31 - 2013-11-04 15:30 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-04 15:31 - 2013-11-04 15:30 - 00000000 ___RD C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-04 15:30 - 2013-11-04 15:30 - 00000306 __RSH C:\Users\Firma\ntuser.pol
2013-11-04 15:30 - 2013-11-04 15:30 - 00000020 ___SH C:\Users\Firma\ntuser.ini
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Vorlagen
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Startmenü
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Netzwerkumgebung
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Lokale Einstellungen
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Eigene Dateien
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Druckumgebung
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Documents\Eigene Musik
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Documents\Eigene Bilder
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Local\Verlauf
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\AppData\Local\Anwendungsdaten
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 _SHDL C:\Users\Firma\Anwendungsdaten
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\Users\Firma\AppData\Local\VirtualStore
2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\Users\Firma
2013-11-04 14:19 - 2013-11-04 14:19 - 00003548 _____ C:\windows\System32\Tasks\Moo0 Multi-Desktop 1.17
2013-11-04 14:19 - 2013-11-04 14:19 - 00000000 ____D C:\Program Files (x86)\Moo0
2013-11-04 14:15 - 2013-11-04 14:15 - 00062409 _____ C:\Users\Alexander\Downloads\Desktops.zip
2013-11-03 13:06 - 2013-11-03 13:06 - 00000000 ___RD C:\Users\Alexander\Documents\Notes
2013-11-03 08:39 - 2011-01-18 08:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-03 08:39 - 2009-07-14 19:18 - 00000000 ____D C:\windows\ShellNew
2013-11-03 08:38 - 2011-04-05 13:33 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-03 08:38 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-03 08:38 - 2009-07-14 03:34 - 00000419 _____ C:\windows\win.ini
2013-11-01 16:56 - 2013-08-12 09:14 - 00000000 ____D C:\Users\Alexander\Desktop\Sammel Ordner Wichtig
2013-10-30 11:10 - 2012-08-16 13:37 - 00000000 ____D C:\Users\Alexander\Desktop\Tina
2013-10-26 15:44 - 2013-10-26 15:44 - 00121232 _____ C:\Users\Alexander\Documents\InstallLogs.zip
2013-10-26 15:37 - 2011-01-18 08:33 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-10-26 14:11 - 2013-10-26 14:10 - 00007119 _____ C:\windows\mgxoschk.ini
2013-10-26 14:09 - 2013-10-26 14:08 - 113401776 _____ (MAGIX AG) C:\Users\Alexander\Downloads\music_maker_4_myspace_106mb_d_en(1).exe
2013-10-26 14:05 - 2013-10-26 14:05 - 02878664 _____ (MAGIX AG) C:\Users\Alexander\Downloads\trial_musicmaker2014_dlm.exe
2013-10-25 19:34 - 2009-07-14 03:34 - 87031808 _____ C:\windows\system32\config\SOFTWARE_tureg_old
2013-10-25 19:34 - 2009-07-14 03:34 - 20709376 _____ C:\windows\system32\config\SYSTEM_tureg_old
2013-10-25 19:34 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY_tureg_old
2013-10-25 19:30 - 2009-07-14 03:34 - 01310720 _____ C:\windows\system32\config\DEFAULT_tureg_old
2013-10-25 19:30 - 2009-07-14 03:34 - 00135168 _____ C:\windows\system32\config\SAM_tureg_old
2013-10-25 08:16 - 2013-10-25 08:16 - 00000000 ____D C:\Program Files (x86)\Easy Flyer Creator 3.0
2013-10-23 08:38 - 2013-10-23 08:37 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-23 08:38 - 2013-10-23 08:37 - 00000000 ____D C:\Program Files\iTunes
2013-10-23 08:38 - 2013-10-23 08:37 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-23 08:37 - 2013-10-23 08:37 - 00000000 ____D C:\Program Files\iPod
2013-10-22 14:29 - 2013-10-22 14:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Avg2014
2013-10-22 14:28 - 2012-08-16 13:26 - 00000000 ___RD C:\Users\Alexander\Desktop\DVD ertellen
2013-10-22 14:00 - 2013-10-22 13:59 - 00000000 ____D C:\AdwCleaner
2013-10-19 18:11 - 2013-10-19 18:11 - 00000806 _____ C:\Users\Alexander\.recently-used.xbel
2013-10-19 18:11 - 2013-01-22 17:00 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\gtk-2.0
2013-10-19 17:19 - 2012-08-17 13:20 - 00000000 ____D C:\Users\Alexander\AppData\Local\Adobe
2013-10-19 17:19 - 2012-04-11 08:18 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-19 17:19 - 2012-04-11 08:18 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-19 17:19 - 2011-05-20 06:44 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-19 15:45 - 2013-10-19 15:45 - 00000000 ____D C:\Users\Alexander\AppData\Local\SplitMediaLabs
2013-10-19 15:44 - 2013-10-19 15:44 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\SplitMediaLabs
2013-10-19 15:44 - 2013-10-19 15:41 - 39727728 _____ (SplitMediaLabs) C:\Users\Alexander\Downloads\xsplit_installer_v1.3.1310.1103.exe
2013-10-19 15:38 - 2011-06-20 19:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-19 15:35 - 2012-08-16 12:37 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Adobe
2013-10-19 08:00 - 2013-10-18 13:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-19 08:00 - 2013-10-18 13:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-19 08:00 - 2013-07-21 19:51 - 00000000 ____D C:\Program Files\Google
2013-10-18 14:34 - 2013-10-18 14:27 - 00000000 ____D C:\Users\Alexander\Documents\HR-SoftCom
2013-10-18 14:33 - 2013-10-18 14:30 - 00000000 ____D C:\Program Files (x86)\pdf24
2013-10-18 14:30 - 2013-10-18 14:30 - 00000000 ____D C:\Users\Alexander\AppData\Local\FileMaker
2013-10-18 14:27 - 2013-10-18 14:27 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\vlc
2013-10-18 14:14 - 2013-10-05 13:01 - 00000000 ____D C:\ProgramData\Google
2013-10-18 14:09 - 2013-10-18 14:09 - 24278649 _____ C:\Users\Alexander\Downloads\vlc-2.1.0-win32.exe
2013-10-18 14:01 - 2013-10-18 14:01 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Buhl Data Service GmbH
2013-10-18 13:52 - 2013-10-18 13:52 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Buhl Data Service
2013-10-18 13:52 - 2013-10-18 13:51 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-10-18 13:50 - 2013-10-18 13:50 - 00000000 ____D C:\Users\Alexander\AppData\Local\Buhl Data Service
2013-10-18 13:46 - 2013-04-10 15:20 - 00216064 ___SH C:\Users\Alexander\Documents\Thumbs.db
2013-10-18 09:57 - 2011-04-16 20:01 - 00003704 _____ C:\windows\System32\Tasks\Java Update Scheduler
2013-10-18 09:49 - 2013-10-18 09:49 - 00000082 _____ C:\windows\odbc_merge.INI
2013-10-18 09:40 - 2013-10-18 09:39 - 00000000 ____D C:\Program Files (x86)\Taxpool-Buchhalter
2013-10-18 09:38 - 2013-10-18 09:38 - 60295696 _____ C:\Users\Alexander\Downloads\taxpool_buchhalter_mini_installation.exe
2013-10-18 09:30 - 2013-10-18 09:30 - 00002267 _____ C:\Users\Alexander\Documents\Neue Datenbank1.odb
2013-10-18 09:27 - 2013-07-22 08:43 - 00000676 _____ C:\Users\Alexander\Desktop\kay.txt
2013-10-17 13:56 - 2013-10-17 13:56 - 00004857 _____ C:\windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-17 13:56 - 2013-10-17 13:56 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 13:56 - 2013-08-20 16:11 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-17 13:54 - 2013-10-17 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Alexander\Downloads\jxpiinstall.exe

Files to move or delete:
====================
C:\Users\Alexander\AppData\Local\Temp\Rar$EX76.824\Desktops.exe
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe
C:\Users\Firma\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 11:32

==================== End Of Log ============================
         
--- --- ---


Addition.txt:

Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2013
Ran by Alexander at 2013-11-16 08:11:10
Running from C:\Users\Alexander\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.4.144)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface Service (x32)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
AnvSoft Photo Flash Maker Free 5.39 (x32 Version: 5.39)
Any Video Converter 3.5.6 (x32)
Any Video Converter 5 5.0.3 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Burning Studio 2010 Advanced 9.25 (x32 Version: 3.1.1)
ATI AVIVO64 Codecs (Version: 11.6.0.51125)
Audacity 1.3.13 (Unicode) (x32)
Avira Free Antivirus (x32 Version: 14.0.0.383)
Bing Bar (x32 Version: 7.1.361.0)
Bing-Desktop (x32 Version: 1.3.174.0)
CameraHelperMsi (x32 Version: 13.50.854.0)
Cassandra Beta 3.0.0.18 (x32 Version: 3.0.0.18)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.04)
D3DX10 (x32 Version: 15.4.2368.0902)
DivX-Setup (x32 Version: 2.6.1.8)
Druckerdeinstallation für EPSON SX410 Series
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7)
Epson Easy Photo Print 2 (x32 Version: 2.2.3.1)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)
EPSON File Manager (x32 Version: 1.3.2.0)
EPSON Scan (x32)
EPSON Scan Assistant (x32 Version: 1.10.00)
Epson Stylus SX210_SX410_TX210_TX410 Handbuch (x32)
erLT (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Fotogalerie (x32 Version: 16.4.3508.0205)
Free Video to MP3 Converter version 5.0.22.128 (x32 Version: 5.0.22.128)
Free YouTube Download version 3.2.13.925 (x32 Version: 3.2.13.925)
Geany 1.22 (x32 Version: 1.22)
GIMP 2.6.11 (x32 Version: 2.6.11)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.023)
HTC Sync (x32 Version: 3.3.6)
HTC Sync Manager (x32 Version: 1.0.34.4169)
HydraVision (x32 Version: 4.2.184.0)
iCloud (Version: 3.0.2.163)
IM Lock (x32)
ImgBurn (x32 Version: 2.5.5.0)
Internet Explorer (Enable DEP)
IrfanView (remove only) (x32 Version: 4.35)
IsoBuster 3.2 (x32 Version: 3.2)
iTunes (Version: 11.1.2.31)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 16.4.3508.0205)
KODAK Create@Home Software (für dm) (x32 Version: 7.3.8392)
LAME v3.98.3 for Audacity (x32)
Logitech Vid HD (x32 Version: 7.2 (7240))
Logitech Webcam Software (x32 Version: 2.0)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.50.854.0)
LWS Help_main (x32 Version: 13.50.862.0)
LWS Launcher (x32 Version: 13.50.859.0)
LWS Motion Detection (x32 Version: 13.30.1395.0)
LWS Pictures And Video (x32 Version: 13.50.861.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Video Mask Maker (x32 Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (x32 Version: 13.31.1038.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
MAGIX Music Maker 2013 Premium (Version: 19.0.3.47)
MAGIX Music Maker 2013 Premium (x32 Version: 19.0.3.47)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Default Manager (x32 Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (x32 Version: 11.0.7400.335)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (x32 Version: 11.0.7400.335)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MWS Reader 5 (x32 Version: 5.0.330)
Nokia Connectivity Cable Driver (x32 Version: 7.1.48.0)
Nvu 1.0 (x32 Version: 1.0)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
PC Connectivity Solution (x32 Version: 11.5.13.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo DVD Maker Professional 8.10 (x32 Version: 8.10)
Photo Gallery (x32 Version: 16.4.3508.0205)
Photopos Toolbar (Remove Toolbar Only) (x32)
Prism Videodatei-Konverter (x32)
RadiAnt DICOM Viewer (64-bit) (x32 Version: 1.8.6.6744)
RealDownloader (x32 Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.3)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001)
Secure Eraser (x32 Version: 4.2.0.1)
SIW 2013 Home Edition (x32 Version: 2013.05.14)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.6 (x32 Version: 6.6.106)
Smart File Advisor 1.1.1 (x32 Version: 1.1.1)
Sony Ericsson Update Engine (x32 Version: 2.12.8.23)
Sony PC Companion 2.10.115 (x32 Version: 2.10.115)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab for Intel (x32 Version: 4.5.11.0)
Taxpool-Buchhalter Mini 7.10 (x32 Version: 7.10)
TeamViewer 8 (x32 Version: 8.0.16642)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
TomTom HOME (x32 Version: 2.9.2)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4100.74)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3500.13)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VideoPad Videobearbeitungs-Software (x32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.1.0 (x32 Version: 2.1.0)
VPNAutoconnect (x32 Version: 1.13)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live Family Safety (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Mail (x32 Version: 16.4.3508.0205)
Windows Live Messenger (x32 Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows Live Writer (x32 Version: 16.4.3508.0205)
Windows Live Writer Resources (x32 Version: 16.4.3508.0205)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WinHTTrack Website Copier 3.47-21 (x32 Version: 3.47.21)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
XMedia Recode 3.0.5.9 (x32 Version: 3.0.5.9)
XMedia Recode Version 3.1.4.6 (x32 Version: 3.1.4.6)
XnView 1.98 (x32 Version: 1.98)

==================== Restore Points =========================

15-11-2013 10:16:17 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07FE4EB3-ACF4-4A82-8D24-231426516B57} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {162A36D7-9CAB-4B6F-9077-0E7D8857752C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1006 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {16BCB0D2-BEE8-47C7-90BE-CE74264956FF} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {1A886E00-41C2-49FC-9DD1-F7C312096BA0} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\Norton PC Checkup 3.0\NLAppLauncher.exe
Task: {1AE8B672-D3D4-4DC8-82DA-F1D8D880A1C0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {25F8D038-EDBE-4FA1-BC5F-78E0C12D081F} - System32\Tasks\{124F2ECE-ABCD-448A-9E9C-BB147A7617EE} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2012-04-09] (ATI Technologies Inc.)
Task: {2A9C4799-4F9D-408F-9671-4908FF044FE6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2C398496-013B-4BCB-9987-ED1DAC37ED39} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {34224E3D-3A17-4417-A634-4877D94B75D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1006 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {466ECC7E-4FEA-4344-BCC9-E3D76BCB213A} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5449BBFF-F32A-49A2-8EEE-F62034129171} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {623777B3-5C1E-4F54-9ABE-5A05D26AEC4C} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Alexander\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: {6E66F8B4-EEB5-4CB7-8C1F-9025052BF0A5} - System32\Tasks\{B5B8C78E-6202-4B0B-A838-E1CEDFD69869} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {7D9DA6AF-7AA8-44F2-8F1E-EB3BFCF302A1} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\real\realplayer\Update\realsched.exe [2013-08-22] (RealNetworks, Inc.)
Task: {7DBECFD8-2BE7-4E2F-9733-20C4705AEAD4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9802B025-E71A-4D5D-84CB-CEB02F1A8A42} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1000 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9E78CA3D-A0C5-46BF-A46B-3C6AF318B2AD} - \GoforFilesUpdate No Task File
Task: {A16810A6-80DC-4096-A289-3E9953CBD8C7} - \Dealply No Task File
Task: {A2129294-B3F4-4109-AE7A-242E58629572} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A3CFEE44-5EFC-483D-9278-589CAE151A08} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B1ABBBA2-367C-4A63-981C-95B648C80BA3} - System32\Tasks\Moo0 Multi-Desktop 1.17 => C:\Program Files (x86)\Moo0\MultiDesktop 1.17\MultiDesktop.exe
Task: {B1AC120B-0872-4F7C-92FE-8CB2A1E35E1C} - \Scheduled Update for Ask Toolbar No Task File
Task: {B8E50463-4502-44E8-9C4D-CC4460A129DC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C3FC09CC-5073-4FDA-A934-BAEA5626A82D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19] (Adobe Systems Incorporated)
Task: {D317A390-DF1D-4543-8B16-E716934A2387} - System32\Tasks\Google Updater and Installer => C:\Users\F. Staudt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {DBC9BDD3-28E8-4D3D-9C6B-3AD37FFECF87} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe
Task: {DDF893B8-439A-4A1B-950D-B06C0D8C96F4} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-24] ()
Task: {E599E290-0A2A-46D4-842B-BA7029FA2C1B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EBF2936B-E68D-4B3A-BF2A-B57CFFFD72C8} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EC15EEEE-95A7-4FF2-AEB3-A584BEC61BC9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {ED135E18-F2A6-4C79-9B22-FA9729C685FE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1000 => C:\Program Files (x86)\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FD3D839B-1CF3-45B8-A5A5-21A1A3123A3D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 08:12 - 2013-08-30 08:11 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-11-05 22:14 - 2013-11-05 22:15 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:73BDADA8
AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2013 08:01:03 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:01:03 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:01:03 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:01:03 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)

Error: (11/16/2013 08:00:55 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:00:55 AM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/16/2013 08:00:55 AM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:00:55 AM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2013 08:00:55 AM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))

Error: (11/16/2013 08:00:51 AM) (Source: ESENT) (User: )
Description: Windows (3748) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00183.log.


System errors:
=============
Error: (11/16/2013 08:01:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2013 08:01:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (11/16/2013 08:00:27 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Avira Echtzeit-Scanner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (11/16/2013 08:00:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2013 08:00:23 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (11/16/2013 08:00:20 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (11/16/2013 07:59:07 AM) (Source: Microsoft-Windows-GroupPolicy) (User: F-Staudt-PC)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.

Error: (11/15/2013 06:23:19 PM) (Source: Microsoft-Windows-GroupPolicy) (User: F-Staudt-PC)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.

Error: (11/15/2013 06:19:07 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1

Error: (11/15/2013 06:18:08 PM) (Source: Microsoft-Windows-GroupPolicy) (User: F-Staudt-PC)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-12-09 14:28:37.936
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-09 14:28:37.780
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 6140.16 MB
Available physical RAM: 4068.87 MB
Total Pagefile: 12276.34 MB
Available Pagefile: 9909.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:923.02 GB) (Free:736.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B30369A1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=923 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=27)

==================== End Of Log ============================
__________________

Alt 17.11.2013, 05:37   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.11.2013, 07:38   #5
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



C:\Combofix.txt:

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-11-16.01 - Alexander 17.11.2013  17:40:02.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6140.4366 [GMT 1:00]
ausgeführt von:: c:\users\Alexander\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-17 bis 2013-11-17  ))))))))))))))))))))))))))))))
.
.
2013-11-17 17:27 . 2013-11-17 17:27	--------	d-----w-	c:\users\Kinder\AppData\Local\temp
2013-11-17 17:27 . 2013-11-17 17:27	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-16 07:09 . 2013-11-16 07:09	--------	d-----w-	C:\FRST
2013-11-15 11:56 . 2013-11-15 11:56	--------	d-----w-	c:\users\Alexander\AppData\Roaming\ParetoLogic
2013-11-15 11:56 . 2013-11-15 11:56	--------	d-----w-	c:\users\Alexander\AppData\Roaming\DriverCure
2013-11-15 11:56 . 2013-11-15 12:06	--------	d-----w-	c:\programdata\ParetoLogic
2013-11-13 14:26 . 2013-11-13 14:26	--------	d-----w-	c:\users\Alexander\AppData\Roaming\appthology.net
2013-11-13 12:56 . 2013-11-13 12:57	--------	d-----w-	c:\users\Alexander\AppData\Roaming\MediaMan
2013-11-13 11:22 . 2013-11-13 11:22	52	----a-w-	c:\windows\SysWow64\ds_icsdr_f.dll
2013-11-13 08:37 . 2013-11-13 08:39	--------	d-----w-	c:\users\Alexander\AppData\Local\bcWebCam
2013-11-12 21:58 . 2013-10-02 04:51	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-11-12 21:53 . 2013-09-25 02:26	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2013-11-12 21:51 . 2013-10-03 02:23	404480	----a-w-	c:\windows\system32\gdi32.dll
2013-11-12 21:51 . 2013-10-03 02:00	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2013-11-12 21:51 . 2013-10-12 02:29	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2013-11-12 21:51 . 2013-10-12 02:30	830464	----a-w-	c:\windows\system32\nshwfp.dll
2013-11-12 21:51 . 2013-10-12 02:29	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2013-11-12 21:51 . 2013-10-12 02:03	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2013-11-12 21:51 . 2013-10-12 02:01	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-09 16:36 . 2013-11-09 16:36	--------	d-----w-	c:\users\Alexander\AppData\Roaming\IT-Service Christian Hau (www.a-bit-more.de)
2013-11-09 16:29 . 2013-11-09 16:34	--------	d-----w-	c:\users\Alexander\AppData\Local\Deployment
2013-11-09 16:29 . 2013-11-09 16:29	--------	d-----w-	c:\users\Alexander\AppData\Local\Apps
2013-11-09 14:14 . 2013-11-09 14:18	--------	d-----w-	c:\program files (x86)\EasyFirma
2013-11-09 14:04 . 2013-11-09 14:04	--------	d-----w-	c:\users\Alexander\AppData\Roaming\WoAx-IT
2013-11-09 14:04 . 2013-11-09 14:04	--------	d-----w-	c:\program files (x86)\Conduit
2013-11-09 14:04 . 2013-11-13 14:27	--------	d-----w-	c:\users\Alexander\AppData\Local\Conduit
2013-11-09 14:04 . 2013-11-13 11:31	--------	d-----w-	c:\programdata\Conduit
2013-11-09 14:03 . 2013-11-09 16:46	--------	d-----w-	c:\users\Alexander\AppData\Local\DownloadGuide
2013-11-09 13:50 . 2013-11-09 13:50	--------	d-----w-	c:\program files (x86)\FutureCode
2013-11-09 08:07 . 2013-11-14 18:45	--------	d-----w-	c:\users\Alexander\AppData\Local\FutureCode
2013-11-09 08:07 . 2013-11-14 18:45	--------	d-----w-	c:\programdata\firebird
2013-11-06 15:40 . 2013-11-06 15:40	--------	d-----w-	c:\users\Alexander\AppData\Roaming\simplitec
2013-11-06 12:52 . 2013-11-06 12:52	--------	d-----w-	c:\programdata\simplitec
2013-11-06 12:45 . 2013-11-06 12:45	--------	d-----w-	c:\users\Alexander\AppData\Roaming\Windows Net Data
2013-11-06 12:44 . 2013-11-06 12:44	--------	d-----w-	c:\users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5
2013-11-06 12:44 . 2013-11-06 12:44	--------	d-----w-	c:\users\Alexander\ChromeExtensions
2013-11-06 12:44 . 2013-11-06 12:44	--------	d-----w-	c:\users\Alexander\AppData\Local\Tempcd836cd86b6a58a7710ad2c090db7860
2013-11-06 12:44 . 2013-11-06 12:44	--------	d-----w-	c:\users\Alexander\AppData\Local\Temp6c805cd7a53f3698b5c0466f4ab6d0bb
2013-11-05 23:49 . 2013-11-05 23:49	--------	d-----w-	c:\users\Alexander\.android
2013-11-05 23:49 . 2013-11-05 23:49	--------	d-----w-	c:\users\Alexander\AppData\Local\cache
2013-11-05 23:49 . 2013-11-05 23:52	--------	d-----w-	c:\users\Alexander\AppData\Local\Mobogenie
2013-11-05 23:49 . 2013-11-06 19:53	--------	d-----w-	c:\windows\Lhsp
2013-11-05 23:49 . 2013-11-05 23:51	--------	d-----w-	c:\program files (x86)\Virtual Voice
2013-11-05 23:48 . 2013-11-05 23:52	--------	d-----w-	c:\program files (x86)\Mobogenie
2013-11-05 23:34 . 2013-11-05 23:37	--------	d-----w-	c:\program files (x86)\MWS Reader 5
2013-11-04 14:30 . 2013-11-04 14:30	--------	d-----w-	c:\users\Firma
2013-11-04 13:19 . 2013-11-04 13:19	--------	d-----w-	c:\program files (x86)\Moo0
2013-10-26 13:11 . 2007-04-18 20:07	53248	----a-w-	c:\windows\SysWow64\mgxasio2.dll
2013-10-26 13:10 . 2013-11-06 12:33	--------	d-----w-	c:\windows\SysWow64\MAGIX
2013-10-26 13:10 . 2008-04-15 13:14	700416	----a-w-	c:\windows\SysWow64\mgxoschk.dll
2013-10-26 13:06 . 2013-11-06 14:25	--------	d-----w-	c:\users\Alexander\AppData\Roaming\MAGIX
2013-10-25 07:16 . 2013-10-25 07:16	--------	d-----w-	c:\program files (x86)\Easy Flyer Creator 3.0
2013-10-23 07:37 . 2013-10-23 07:38	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-23 07:37 . 2013-10-23 07:38	--------	d-----w-	c:\program files\iTunes
2013-10-23 07:37 . 2013-10-23 07:38	--------	d-----w-	c:\program files (x86)\iTunes
2013-10-23 07:37 . 2013-10-23 07:37	--------	d-----w-	c:\program files\iPod
2013-10-22 13:29 . 2013-10-22 13:29	--------	d-----w-	c:\users\Alexander\AppData\Local\Avg2014
2013-10-22 12:59 . 2013-10-22 13:00	--------	d-----w-	C:\AdwCleaner
2013-10-19 14:45 . 2013-10-19 14:45	--------	d-----w-	c:\users\Alexander\AppData\Local\SplitMediaLabs
2013-10-19 14:44 . 2013-10-19 14:44	--------	d-----w-	c:\users\Alexander\AppData\Roaming\SplitMediaLabs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-12 21:55 . 2011-01-18 12:24	82896128	----a-w-	c:\windows\system32\MRT.exe
2013-11-06 12:54 . 2011-06-07 20:28	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2013-10-19 16:19 . 2011-05-20 05:44	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 17:00 . 2012-12-04 17:18	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-10-08 05:50 . 2013-10-17 12:56	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-01 10:19 . 2013-08-30 07:12	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-10-01 10:19 . 2013-08-30 07:12	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-10-01 10:19 . 2013-08-30 07:12	132600	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-10-01 10:19 . 2013-08-30 07:12	105856	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-09-09 13:29 . 2013-10-04 17:35	40760	----a-w-	c:\windows\system32\TURegOpt.exe
2013-09-09 13:29 . 2013-10-04 17:36	43320	----a-w-	c:\windows\system32\uxtuneup.dll
2013-09-09 13:29 . 2013-10-04 17:36	36152	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2013-09-09 13:29 . 2013-10-04 17:35	29496	----a-w-	c:\windows\system32\authuitu.dll
2013-09-09 13:29 . 2013-10-04 17:35	25400	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-09-08 02:30 . 2013-10-09 17:37	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 17:37	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 17:37	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 17:35	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 17:35	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 17:35	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 17:35	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 17:35	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 17:35	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 17:35	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-09 17:37	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 17:37	1732032	----a-w-	c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 17:37	243712	----a-w-	c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 17:37	859648	----a-w-	c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 17:37	878080	----a-w-	c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 17:37	3969472	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 17:37	3914176	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 17:37	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 17:37	1292192	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 17:37	619520	----a-w-	c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 17:37	640512	----a-w-	c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 17:37	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-09 17:37	33280	----a-w-	c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-09 17:37	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 17:37	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 17:37	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 17:37	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 17:37	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 17:37	461312	----a-w-	c:\windows\system32\scavengeui.dll
2013-08-22 08:47 . 2013-08-22 08:47	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-08-22 08:21 . 2013-08-22 08:21	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-22 08:21 . 2013-08-22 08:21	312232	----a-w-	c:\windows\system32\javaws.exe
2013-08-22 08:21 . 2013-08-22 08:21	189352	----a-w-	c:\windows\system32\javaw.exe
2013-08-22 08:21 . 2013-08-22 08:21	188840	----a-w-	c:\windows\system32\java.exe
2013-08-22 08:21 . 2013-08-22 07:59	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-08-22 08:21 . 2013-08-22 07:59	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2007-03-12 16:59 . 2007-03-12 16:59	299008	----a-w-	c:\program files (x86)\navigram_register.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-14 07:11	222832	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-14 07:11	222832	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-14 07:11	222832	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-11-25 393216]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Akamai NetSession Interface"="c:\users\Alexander\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-09-04 1315144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-06-27 2249352]
"Hilfe Assistent"="c:\program files (x86)\Hilfe Assistent\Hilfe_Assistent.exe" [2013-05-24 17299264]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-01 681032]
"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"MWS Reader 5"="c:\program files (x86)\MWS Reader 5\mwsr5.exe" [2013-09-11 13211648]
.
c:\users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
net.lnk - c:\users\Alexander\AppData\Roaming\Windows Net Data\net.exe [2013-11-6 709120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R4 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe;c:\program files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 16:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-14 07:11	261744	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-14 07:11	261744	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-14 07:11	261744	----a-w-	c:\users\Alexander\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN10865843413209230&UM=2&ctid=CT3306061
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN14192292661832525&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN14192292661832525&UM=2&q=
FF - ExtSQL: 2013-10-25 20:14; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-06 13:45; EFGLQA@78ETGYN-0W7FN789T87.COM; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF - ExtSQL: 2013-11-06 16:59; {f2e20f61-9542-4a93-9391-448d442575cc}; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\{f2e20f61-9542-4a93-9391-448d442575cc}.xpi
FF - ExtSQL: 2013-11-06 21:59; {1909da52-730a-4e17-922a-6820837f68de}; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\{1909da52-730a-4e17-922a-6820837f68de}.xpi
FF - ExtSQL: 2013-11-09 15:04; {422f7661-9403-4da4-b4ef-cc3e268817b5}; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\{422f7661-9403-4da4-b4ef-cc3e268817b5}
FF - ExtSQL: 2013-11-13 12:31; {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}; c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022&q=
FF - user.js: extensions.Softonic.id - c0aace610000000000001c6f655e2e14
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16022
FF - user.js: extensions.Softonic.vrsn - 1.8.28.2
FF - user.js: extensions.Softonic.vrsni - 1.8.28.2
FF - user.js: extensions.Softonic.vrsnTs - 1.8.28.212:26
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - MOY00009
FF - user.js: extensions.Softonic.dfltLng - 
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-IMLock - c:\windows\System32\tnblf.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3871666134-2697713090-3799736864-1017\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3871666134-2697713090-3799736864-1017)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-3871666134-2697713090-3799736864-1017\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E0821754-C251-049D-CEF5-3550EB4DA462}*]
"abijbianckgfiehhkndifbgijnkliebmij"=hex:6a,61,61,6d,61,70,67,66,68,6f,63,69,
   64,69,6d,67,61,61,6c,68,00,ff
"bboihcapdedhkjbodmeboofjaeallnimnbmn"=hex:69,61,6f,6c,63,63,65,69,63,70,6c,70,
   66,6b,6b,62,6e,6c,00,03
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-17  18:43:06
ComboFix-quarantined-files.txt  2013-11-17 17:43
ComboFix2.txt  2013-11-17 16:37
.
Vor Suchlauf: 19 Verzeichnis(se), 790.424.186.880 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 790.345.367.552 Bytes frei
.
- - End Of File - - 23D6C88FCEA4144D6736980B8430CB3C
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Hmmm das Problem weitet sich aus jetzt ist auch Avira davon betroffen weil es ist Aktiviert aber der Computer sagt also Win 7 schreibt kein Viren Schutz vorhanden und kein Antispyware.

Win 7 erkennt auch das Avira auf dem PC erkennt nicht das Avira an ist.


Alt 18.11.2013, 12:12   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Bei Win7 Start Fehlermeldung RundDLL.

Alt 18.11.2013, 21:55   #7
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Malwarebytes Anti-Malware :

Zitat:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Alexander :: F-STAUDT-PC [Administrator]

Schutz: Aktiviert

18.11.2013 19:21:43
mbam-log-2013-11-18 (19-21-43).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 266593
Laufzeit: 6 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe (PUP.Optional.NetData.A) -> 2168 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {DDD32594-5B18-4B41-982C-0499D2C40BF7} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 6
C:\Users\Alexander\AppData\Roaming\Windows Net Data (PUP.Optional.NetData.A) -> Löschen bei Neustart.
C:\Users\Alexander\AppData\Local\DownloadGuide (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Conduit\IE\CT3306061 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 29
C:\downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\Downloads\SoftonicDownloader_fuer_hexonic-scantopdf.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\Downloads\SoftonicDownloader_fuer_nvu.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\Downloads\vvoiceDEU_trial.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers\IminentSetup.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\13a1f66.msi (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\44890b5.msi (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Roaming\Windows Net Data\well.dat (PUP.Optional.NetData.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Roaming\Windows Net Data\id.dat (PUP.Optional.NetData.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe (PUP.Optional.NetData.A) -> Löschen bei Neustart.
C:\Users\Alexander\AppData\Roaming\Windows Net Data\uninstaller.exe (PUP.Optional.NetData.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\amazon.ico (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Depot-Manager-TS.msi (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\setup.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\setup.exe_date (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\woax_easyfirma_setup.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\woax_easyfirma_setup.exe_date (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers\vis-freeware.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander\AppData\Local\DownloadGuide\Offers\Web%2BOptimizer.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Conduit\IE\CT3306061\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
AdwCleaner[S1].txt:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.012 - Bericht erstellt am 18/11/2013 um 22:35:28
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Alexander - F-STAUDT-PC
# Gestartet von : C:\Users\Alexander\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Alexander\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Alexander\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Alexander\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Alexander\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\CT3317892
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\CT3306061
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\gktf9bgu.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_752891\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\u57y9wd7.default-1380908840139\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{422f7661-9403-4da4-b4ef-cc3e268817b5}
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\user.js
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\gktf9bgu.default\user.js
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_752891\user.js
Datei Gelöscht : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\u57y9wd7.default-1380908840139\user.js
Datei Gelöscht : C:\windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\NCH Software
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\Uniblue

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\prefs.js ]

Zeile gelöscht : user_pref("CT3306061.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3306061.UserID", "UN14192292661832525");
Zeile gelöscht : user_pref("CT3306061.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3306061.fullUserID", "UN14192292661832525.IN.20131113123115");
Zeile gelöscht : user_pref("CT3306061.installDate", "13/11/2013 12:31:16");
Zeile gelöscht : user_pref("CT3306061.installSessionId", "{D1CBBD59-0B4B-4C62-BF1C-83D8255D1BEB}");
Zeile gelöscht : user_pref("CT3306061.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3306061.installerVersion", "1.7.1.7");
Zeile gelöscht : user_pref("CT3306061.keyword", "true");
Zeile gelöscht : user_pref("CT3306061.originalHomepage", "hxxps://www.google.de/");
Zeile gelöscht : user_pref("CT3306061.originalSearchAddressUrl", "");
Zeile gelöscht : user_pref("CT3306061.originalSearchEngine", "");
Zeile gelöscht : user_pref("CT3306061.originalSearchEngineName", "");
Zeile gelöscht : user_pref("CT3306061.searchRevert", "true");
Zeile gelöscht : user_pref("CT3306061.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3306061.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3306061.versionFromInstaller", "10.22.3.18");
Zeile gelöscht : user_pref("CT3306061.xpeMode", "0");
Zeile gelöscht : user_pref("CT3317892.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3317892.UserID", "UN41404503551149961");
Zeile gelöscht : user_pref("CT3317892.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3317892.fullUserID", "UN41404503551149961.IN.20131109150404");
Zeile gelöscht : user_pref("CT3317892.installDate", "09/11/2013 15:04:06");
Zeile gelöscht : user_pref("CT3317892.installSessionId", "{336A4286-66A4-4986-BA70-281E83E50660}");
Zeile gelöscht : user_pref("CT3317892.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3317892.installUsage", "09/11/2013 17:28:43");
Zeile gelöscht : user_pref("CT3317892.installUsageEarly", "09/11/2013 17:28:43");
Zeile gelöscht : user_pref("CT3317892.installerVersion", "1.8.0.14");
Zeile gelöscht : user_pref("CT3317892.keyword", "true");
Zeile gelöscht : user_pref("CT3317892.originalHomepage", "hxxps://www.google.de/");
Zeile gelöscht : user_pref("CT3317892.originalSearchAddressUrl", "");
Zeile gelöscht : user_pref("CT3317892.originalSearchEngine", "");
Zeile gelöscht : user_pref("CT3317892.originalSearchEngineName", "");
Zeile gelöscht : user_pref("CT3317892.searchRevert", "true");
Zeile gelöscht : user_pref("CT3317892.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3317892.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3317892.toolbarInstallDate", "09-11-2013 15:04:04");
Zeile gelöscht : user_pref("CT3317892.versionFromInstaller", "10.21.1.7");
Zeile gelöscht : user_pref("CT3317892.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3317892&octid=CT3317892&SearchSource=61&CUI=UN41404503551149961&UM=2&UP=SP2DAD637C-28DB-47C6-963C-2138B94ACE14");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN14192292661832525&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1384769954426,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022");
Zeile gelöscht : user_pref("extensions.Softonic.id", "c0aace610000000000001c6f655e2e14");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16022");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00009");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=c0aace610000000000001c6f655e2e14&toi=16022&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.28.2");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.28.212:26:07");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.28.2");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14251347fc5cc77bad657b1deb714bc3");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3317892&CUI=UN41404503551149961&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3317892&octid=CT3317892&SearchSource[...]
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317892&SearchSource=2&CUI=UN41404503551149961&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
Zeile gelöscht : user_pref("smartbar.machineId", "R6+Z73YDXYIJAE1R41OYTYEVJFDRNHT9HLZ1R7IFWGS74UZKHKSDFEOLJR9N3AWAK54OU+MJD6JXLUDLVE0SFW");
Zeile gelöscht : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3317892&CUI=UN41404503551149961&UM=2&SearchSource=13");

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\gktf9bgu.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "c0aace610000000000001c6f655e2e14");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "15969");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.25.0");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.25.0");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.25.014:57:13");
Zeile gelöscht : user_pref("iminent.LayoutId", "28");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.version", "7.36.1.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1379768400816,\"InstallEvent\":\"True\"}");

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_752891\prefs.js ]


[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\u57y9wd7.default-1380908840139\prefs.js ]


[ Datei : C:\Users\Kinder\AppData\Roaming\Mozilla\Firefox\Profiles\b3j8db3s.default\prefs.js ]


[ Datei : C:\Users\Firma\AppData\Roaming\Mozilla\Firefox\Profiles\ad73fwlh.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [23800 octets] - [22/10/2013 13:59:53]
AdwCleaner[R1].txt - [14677 octets] - [18/11/2013 22:34:36]
AdwCleaner[S0].txt - [19851 octets] - [22/10/2013 14:00:22]
AdwCleaner[S1].txt - [14299 octets] - [18/11/2013 22:35:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14360 octets] ##########
         
--- --- ---

Junkware Removal Tool:

Zitat:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Alexander on 18.11.2013 at 22:44:39,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3871666134-2697713090-3799736864-1017\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bobylyrics
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871666134-2697713090-3799736864-1017\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{07A6CF4E-3E9D-4361-9978-71E75A29AAC1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2BACA8CB-0A13-463D-825A-40382E6B998B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A72ED1C9-598F-4D4A-85ED-A92ED580699B}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Alexander\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{025048CF-223F-4E3B-B064-B63F37E19C20}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0333D0C6-820A-463D-BE8C-35D646999FE0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{03546EE1-79D0-499A-A21C-F19A3F4EE7B3}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{03ECA1FD-5EDA-4722-AA0D-F261BA1D0406}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{04BA4CFC-5A23-46D0-9E79-614EAD6859D5}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{050CC41E-B6C8-481C-BB28-046A0A872866}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{051FD03F-918F-4143-A3FA-45E156DD91BC}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0545E802-19D1-4578-94A7-2FDF4C7DDA8F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{08825B27-0872-44EC-8E14-5E9D08E5C8F0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{08BB33BA-EAC4-4127-8495-638C8F37F41E}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0BC9D5B6-2903-42E6-94AB-E59458CE2748}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0DB4F965-4099-4D80-83DF-37A98BC3B5B7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0DF6D5DC-9C95-48D3-9031-C04AC0DC63D9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{0EB16C53-81E3-4076-9879-839E44526754}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{109CFC4F-5309-4B96-AC26-2B4D50C77EB1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{10CFDD08-D8F3-41AC-9C21-ED949C2D549F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{175F4378-731A-42DF-8F45-DF8A84B3AD3C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{17FBE09E-B923-4138-A066-46E3A519F6FD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{18CF9977-9548-4448-BD07-D55E91DD65E6}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{197E748B-DB96-43D2-AAC4-587290776D4C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{19A7F800-9AE3-43C3-BB9F-08EC9088F1B9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{19D49EAB-1B06-4B30-B12D-5A571EEF5826}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{1A512F22-D0C1-44D8-A3D1-2EA544085BE7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{1C55DCDE-FED6-4B5A-99E6-8C3F01B114C7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{1FE78993-6970-4923-AFEA-40E4D5F3BA8A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2103DBF7-FD24-4EDF-A741-B667520DFA5D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{21549F1C-D22F-4E08-BB3B-F58144D1B772}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{21C92438-969E-4B52-A03F-8F3129F8EBD0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{22F206D2-8679-4223-B2AE-635D0BE03DC2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{25A0B9F5-1B3B-4906-847E-DA94B3A1DAEA}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{25F85F0C-D557-499A-8D79-438858A7E067}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2674832B-C410-4BF8-AE58-32B8A9728EFD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{26B3CFF0-150D-4CBA-9671-7EBD82A9B049}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{27BACD96-CAB1-4941-A7D3-2B126C141AEC}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{29ABF0C3-DF4F-439B-898B-20D3290BE19D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2B641568-9577-4D8E-B8AF-3D21DC4AFB40}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2CAA3DCE-CAFF-4205-9381-19C2D6C4EFDB}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2D528064-D8A5-411D-9C77-0A6E1FD1CF17}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{2DA58B7A-116E-4AEE-B167-5C0082E1D51C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{308D59CE-1EA5-486E-BD9F-09EC59C8B5BF}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{30E08B13-94DA-407D-893C-082A9DD83973}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{33870397-6777-4208-96D5-D1F0070B3DF1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3503D8A1-ECBF-4CB0-9943-9B045E75FF8E}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{36027ABB-8DDA-4803-BFEA-2F009AF08B60}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{369E0F4C-0A2A-4BC4-B928-212962BF5E42}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{36BEBA40-AE21-447F-94F2-6A0A60AD252E}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{381890D4-6321-4EF4-BA66-0EADAA7D1F0A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3B0CD04F-CBDC-4297-A9EA-DD02392331A1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3D3D0A4A-8957-4D49-8262-D38E4A85DCD2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3DF057BB-99EB-4F7B-8365-F12A854D88B2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3E9DF12A-1EED-4A62-926E-6DC473D408DD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{3F2E75F5-5F9C-4E60-A712-03A96D882C80}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{416BCFC3-21D6-4FD8-9471-76C5A5BE96F6}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{423AA96B-27EB-4335-88A1-FD35CF6B6E27}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{42DD8120-DEAE-48D1-A3E5-93E4177C4332}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4A1BDDBB-6018-4ACC-AE94-F557F5AE25C6}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4B3018B6-26FC-4D8D-B883-F1CC806298E1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4D0F4149-E8D0-4C1D-B667-BEB2E73E0FF3}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4E57CCBD-10D7-4723-8A44-2247CA898322}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4E590987-28D1-4EB4-A31A-48549ED75250}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{4F1963F4-427D-4A18-B5B0-F3F276498B5D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{537B755F-AD38-4865-89C8-93E1C9B44A25}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{545433FF-2B81-4D42-B116-C53D63C715BF}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{54E94D71-D50A-4C24-907E-1CD27F859BA1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{587B8B15-0E7B-4061-B110-65863E10AA4F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{58F06693-C1D1-4E0B-9955-03B25C7564C9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{59CB84F2-E4ED-422A-9E82-53BD54523A6E}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{59CBFAF7-1B81-4BCB-9782-A8B3EDD131CB}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{5A29F7B7-DCDC-442B-BAC4-A87680657E36}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{5CD16BBA-652F-4FA4-9882-7B02980CEED3}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{5D419989-6E66-4DA8-A41B-546934D848F0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{5E636F20-2508-486E-83BC-5474AF0D094A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{60E96F19-82CE-4AF4-8221-1632CD1DF309}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{62E9FDAB-54C9-4EAE-AA52-F3EA0A64ABE2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{63043D31-1378-46DE-AD14-F3934C5351E6}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{644CBC33-B656-43BB-BB66-3DE1D5FE918D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{66ABF0BA-34CC-4977-9DDA-D0DF5BD8466A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{675FC7FE-2C60-49E9-9C7D-DB7A2C3AAB2B}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{67EB429B-28BD-4D73-A5FD-ED352D052A4D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{6844C059-8C0D-41EA-9098-5771C5D6D4EA}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{691DDD60-47CB-41DD-BFBD-A804AC56CCB9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{69614665-A1D4-43FB-9A77-3E6F59FD4FF2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{69FEB2F1-A11D-4F0A-8D9B-6025ED5FEB8F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{6A6F2C2B-9356-44CC-A741-7FE7754594E0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{6BF6E892-B09A-4790-BF09-073D26037808}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{6FA9CB77-FEB6-436F-B556-657F33509B08}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{722DAA63-2BAA-4510-B89C-68A6657941A4}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7236E583-F56F-4C7F-9687-5AE3BB2B0873}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{74114008-4F77-438B-9E9F-3D8B8EB0DDD0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{76CC614F-CF7B-4DAD-A2F0-E78991A9326D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7990679A-B86B-4932-8405-6CD80208077A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7AB46714-86A9-4AE3-AFED-284E8A425FB2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7AF3D27A-805E-4A03-A0FB-43AC20E6C19D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7B2EDC91-8F39-4D7D-A8D7-CC90CD125660}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7B76FD4E-3193-480A-9026-1BEF9726EC02}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7DEF0EBC-F0DA-4535-B788-55709B0D817D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7E16FEA6-0011-4B7D-A113-8DA566D4069B}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7E2DADA4-65B5-4E92-AEF3-43575BA366D2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{7FE72321-4900-4AC8-BCF5-D565BC12504F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{807C75AC-75FB-4DFE-A780-EFDA16AEB448}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{808A99F0-2541-4C3E-8ED3-ECB9629B8667}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{811E5C1C-96D3-4830-BA99-8FD4375A4A74}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{834F352C-3EDD-4C8F-84A9-3AC1E6BDEDD7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{849370D7-7D9E-4E66-A611-39C3523BA3D9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{8543C5B2-9E09-4B25-8F68-2892605D18FB}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{87DAA1F7-3372-403E-98B3-81311AB81EE1}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{8B734F9C-9A48-4196-A949-020F436F337D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{8C79A57E-F932-4686-B4F5-99B994BFC549}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{90C1F5E7-9089-4AD7-8CFA-6A8E686C6127}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{916E9C1E-58C4-4C48-95A1-66F9B2350772}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9243DBE8-B3CF-4B7C-B0F8-CF4DDB9DD38B}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{929EC966-8990-4A40-BD8F-CC3C095EB38F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9483BD00-66CC-4750-A349-DA4766D21FEE}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{94EB2929-EB1E-4ACF-8CA0-7AF766CDD4A9}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{952E8ED3-087D-4584-B839-88DF2734A3CE}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{958C2955-AF76-4305-9EEB-2AEF7324E9AD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9B94A1D5-4BAF-4D7E-86F6-06132AD749EF}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9D2C13F5-EAE5-4A8A-A7A8-71A75458A98A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9DFBD600-CB05-4E8D-8955-DE856DE532D7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{9FB27F61-A67C-4CB4-9B86-99198B690615}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A243A822-CAD6-40E7-B415-143C36F38C8F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A3893DB2-2342-4928-9B6C-91AC32C96D5D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A4E70FA2-860B-40E5-8181-776FEF8DEC62}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A5B036EE-D199-4F3E-BE6B-D9A668D5372A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A604472A-2FF9-4327-8883-E4BB811DCA63}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A6C8C1A5-D87C-438F-BB0A-1B644F2B643D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{A95558E2-5EA5-4A5E-B57B-E535CADA56BD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{AA6798D5-3C0C-45B5-9BC7-4BA8BC4079C7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{AAAD3E15-0B46-4479-9457-72CD1CD926D4}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{AAF72164-5FDF-43CB-9536-32B40563C70D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{AC687F17-D767-44D5-B4A8-F05303A992C4}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{AFAE9448-CBE6-46CC-933C-B762C98B456C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B06A1FC9-734C-4C12-93B8-EF62596BADF5}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B2341E94-C7E8-4975-ADD0-52D333293787}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B24D8F2D-2E5A-4B0E-A194-FC5995FEDD21}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B37B447D-3E0C-486A-9F9E-1F2C10687B5B}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B53C24BD-9E1D-4F1D-9540-63DA300512C7}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{B8705C86-74AE-4824-A3FA-58876609B10A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{BA686D6E-CAC6-4903-B8EE-9A8CECD32C7C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{BB768B5B-AA69-4F5D-AE00-9EBB5F00AC2C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{BFE78710-0671-45AF-9E55-4308FF8840E8}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{C17DAFB2-28B0-485B-AB26-F59582CFA60C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{C70C7FC4-CE9F-4CD4-B38E-78FCC32EC642}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{C9DC9DE5-0049-415B-B0F3-E673541839CC}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{CA9C69B6-1FEE-44D6-AD6D-BE1E74B16C0B}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{CBD9D8D7-8807-426F-8C41-C39A19D22AC4}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{CDC7FCC7-C595-4F6D-B210-A571C3378F64}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{CE1B7879-30EE-4E7F-A212-A3E4D2A23229}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D00CCEA6-53FA-47B3-B793-631814998950}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D1AA028C-D585-48F3-9B8A-5E514D53FF11}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D1E8B1FC-732C-4D31-AB9A-321F3B8D4929}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D4716776-95B3-45DF-A864-6B01BF32868A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D7C20B9C-0F96-4045-B807-B9FA4ED2C890}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D8424138-604C-462B-9A03-1DC86F445D79}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{D9BC4DEB-9A99-44CC-831C-B9CE604B9F41}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{DC4729FF-E0E7-4C5A-B95D-914CB57B611A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{DCCEC80B-21C1-41A9-BF7B-16B4B37EC474}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{DD91F726-1CDC-4A07-8070-98F0FBDC0E82}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{DE578B82-4F00-41CF-A556-64D025886B45}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{DE725DD0-1D8D-4C36-AF85-D9E1B9A64792}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{E0897889-D403-427F-A74B-2614CA3D5A60}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{E31721E2-745E-441A-96BE-E8781F72DEFD}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{E4498604-6BD7-4834-9765-109E721CC6F0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{E694C9CD-1DE0-464B-98EF-F487143FA306}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{E8110EB8-84EC-4135-A73D-A777B1584CE4}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EB7660B0-E651-4121-BD4E-DAC7ED7977AA}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EBBA8BE4-1FCC-48A4-8DCB-EDD4566E5696}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EBE506A2-9477-4B50-B632-8E68D99BF8E2}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EC58A456-0AA9-4777-A745-36BED32E7CF6}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EC7AF592-9E70-45CB-A0C4-E82EF3BCF14F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{ECC09D85-14E1-47C7-85D7-94B72CFFAF58}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EEC7C144-D841-41EB-99EC-FC7EA7DBCA7A}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{EFA7DBC3-A7DA-4352-9D8C-33E09BDF0466}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F10038BE-FAEE-4B1B-AFB8-5EC355A441A0}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F160658A-E74D-4809-AEA3-3E42078CFE1F}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F2F4275C-6C96-4C19-993E-B44817E364F3}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F42DB7B3-6691-422F-BEBA-16087378C2CA}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F5A8B5B3-0E30-46E4-BBF5-6BD13756B59C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{F92E18EF-C047-47A2-BBE2-F519BD57E14D}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{FC6733B4-0366-4470-9D34-161BFEF2931C}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{FDDA3868-71B4-421B-A133-CFA4DC6C6822}
Successfully deleted: [Empty Folder] C:\Users\Alexander\appdata\local\{FFBC5335-79FE-4FA0-A151-6E5C30BDE66B}



~~~ FireFox

Successfully deleted: [File] C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\024h6500.default-1380909009678\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted the following from C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\024h6500.default-1380909009678\prefs.js

user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":39,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Anal
user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\"");
user_pref("extensions.AVIRA-V7.hpr_ie", "\"hxxp://avira.search.ask.com/?tpid=AVIRA-V7&o=APN11074&pf=V7&trgb=ALL&p2=%5EB0Q%5EYYYYYY%5EZF%5EDE&gct=hp&apn_ptnrs=%5EB0Q&apn_dtid=%
Emptied folder: C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\024h6500.default-1380909009678\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.11.2013 at 22:51:27,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alt 19.11.2013, 11:24   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.11.2013, 15:15   #9
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4201a4d91ff07449af413a2b8914ac85
# engine=15940
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 02:41:36
# local_time=2013-11-19 03:41:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 25983 26144 18600 0
# compatibility_mode=5893 16776574 100 94 113635 136501946 0 0
# scanned=252997
# found=0
# cleaned=0
# scan_time=9008

Results of screen317's Security Check version 0.99.76
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.4001)
Malwarebytes Anti-Malware Version 1.75.0.1300
TuneUp Utilities 2014
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 45
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

So verdig geht alles wider ich hoffe das Sie auch zufiden sind .
MfG

Alt 20.11.2013, 09:01   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



FRST fehlt
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.11.2013, 08:17   #11
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Danke schrauber für deine Hilfe .
Da war ich zu voreilig habe alles schon gelöscht .

Alt 01.12.2013, 09:02   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Wie gelöscht?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.12.2013, 20:08   #13
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Den bericht fom Program.

Alt 02.12.2013, 10:41   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



Du sollst einfach nen neuen Scan mit FRST machen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.12.2013, 09:17   #15
A.Staudt79
 
Bei Win7 Start Fehlermeldung RundDLL. - Standard

Bei Win7 Start Fehlermeldung RundDLL.



FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Alexander (administrator) on F-STAUDT-PC on 06-12-2013 10:14:16
Running from C:\Users\Alexander\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Windows Net) C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
() C:\Program Files (x86)\Hilfe Assistent\Hilfe_Assistent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [DisallowRun] 1
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Hilfe Assistent] - C:\Program Files (x86)\Hilfe Assistent\Hilfe_Assistent.exe [17299264 2013-05-24] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKU\Kinder\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-25] (AMD)
HKU\Kinder\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe /autorun
HKU\Kinder\...\Run: [SymphonyPreLoad] - "C:\Program Files (x86)\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\IBM Lotus Symphony" -nogui -nosplash
HKU\Kinder\...\Policies\system: [DisableLockWorkstation] 0
HKU\Kinder\...\Policies\system: [DisableClock] 0
HKU\Kinder\...\Policies\system: [LogonHoursAction] 2
HKU\Kinder\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IFEO\itunes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspscan.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\realconverter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\realplay.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\realtrimmer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\rnxproc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tomtomhome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vid.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Alexander\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x44CDAB93487BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {1825A0C3-CCF3-4A38-B0BF-F8A58377514A} URL = 
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Google
SearchScopes: HKCU - DefaultScope {1825A0C3-CCF3-4A38-B0BF-F8A58377514A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {1825A0C3-CCF3-4A38-B0BF-F8A58377514A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {70844FA2-EA47-4B43-931A-431F6417244C} URL = 
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll ()
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678
FF DefaultSearchEngine: RadioTotal1 Customized Web Search
FF SelectedSearchEngine: RadioTotal1 Customized Web Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317892&SearchSource=2&CUI=UN38413591411696612&UM=2&sspv=TB_TNI&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: vis - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Spartipps von SparPilot.com - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\sparpilot@sparpilot.com
FF Extension: RadioTotal1  - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{422f7661-9403-4da4-b4ef-cc3e268817b5}
FF Extension: prefs - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{1909da52-730a-4e17-922a-6820837f68de}.xpi
FF Extension: Adblock Plus - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\024h6500.default-1380909009678\Extensions\{f2e20f61-9542-4a93-9391-448d442575cc}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (VIS) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Alexander\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-04] (Akamai Technologies, Inc.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-05-21] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MSSQL$ZOOM; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132056 2012-07-17] (Symantec Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2011-03-24] (BitDefender)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-06 10:14 - 2013-12-06 10:14 - 00023671 _____ C:\Users\Alexander\Desktop\FRST.txt
2013-12-06 10:12 - 2013-12-06 10:12 - 01925140 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2013-12-02 21:45 - 2013-12-02 21:45 - 00000000 ____D C:\Program Files (x86)\FutureCode
2013-12-02 19:53 - 2013-12-02 19:53 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5_
2013-12-02 19:53 - 2013-12-02 19:53 - 00000000 ____D C:\allegro-it
2013-12-02 19:45 - 2013-12-02 19:45 - 00000000 ____D C:\Users\Alexander\AppData\Local\bNICE
2013-12-02 19:44 - 2013-12-02 19:44 - 00000000 ____D C:\Users\Public\Documents\bNICE
2013-12-01 13:44 - 2013-12-01 13:44 - 30992256 _____ C:\Users\Alexander\Downloads\TomTomHOME2winlatest.exe
2013-11-30 15:47 - 2013-11-30 15:48 - 00000000 ____D C:\Users\Alexander\Downloads\sqlnativeclient
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\wwwroot
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\trace
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\stats
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\srsdataconnector
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\sql
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\reports
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\pfiles
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\gac
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\dw
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\de
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\bin
2013-11-30 12:12 - 2013-11-30 12:12 - 00000921 _____ C:\Users\Alexander\Desktop\Windows Mobile-Gerätecenter.lnk
2013-11-30 12:08 - 2013-11-30 12:08 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2013-11-30 12:06 - 2013-11-30 12:07 - 00000000 ____D C:\windows\WindowsMobile
2013-11-30 11:30 - 2013-11-30 11:30 - 00003046 _____ C:\windows\System32\Tasks\{A6743D49-844D-4C20-A65B-4310E0DB6230}
2013-11-29 11:31 - 2013-12-06 08:32 - 00001783 _____ C:\windows\setupact.log
2013-11-29 11:31 - 2013-11-29 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-11-29 11:30 - 2013-12-05 09:45 - 00007626 _____ C:\windows\PFRO.log
2013-11-28 21:44 - 2013-11-28 21:44 - 00000892 _____ C:\Users\Alexander\Desktop\Nvu (2).lnk
2013-11-28 20:59 - 2013-11-28 20:59 - 00000000 ____D C:\Users\Kinder\AppData\Roaming\Avira
2013-11-28 19:49 - 2013-11-28 19:49 - 00000000 ____D C:\Program Files\Windows Live
2013-11-28 19:48 - 2013-11-28 19:48 - 00003172 _____ C:\windows\System32\Tasks\{120A297E-0763-4DA0-82DB-AE993DE3AF2D}
2013-11-28 18:28 - 2013-11-28 18:28 - 00003296 _____ C:\windows\System32\Tasks\{0BF1626A-B21A-41E5-8584-ED9F7A784F0A}
2013-11-28 18:16 - 2013-11-28 18:16 - 00000000 ____D C:\Users\Alexander\Documents\My Weblog Posts
2013-11-28 16:54 - 2013-11-28 16:55 - 00000000 ____D C:\Users\Alexander\AppData\Local\{4D77D3BE-2945-4711-B617-14B3B6BC7DD3}
2013-11-28 15:54 - 2013-11-28 15:54 - 00000000 ____D C:\Users\LBSB\AppData\Local\mquadr.at
2013-11-28 15:53 - 2013-11-28 15:53 - 00000000 ____D C:\Users\Kinder\AppData\Roaming\Skype
2013-11-28 15:26 - 2013-11-28 15:54 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Skype
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Avira
2013-11-28 15:14 - 2013-11-28 15:14 - 00154048 _____ C:\Users\LBSB\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Mozilla
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Local\Mozilla
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Local\DTAG
2013-11-28 15:13 - 2013-11-28 16:08 - 00000000 ____D C:\Users\LBSB
2013-11-28 15:13 - 2013-11-28 15:13 - 00001392 _____ C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 15:13 - 2013-11-28 15:13 - 00000306 __RSH C:\Users\LBSB\ntuser.pol
2013-11-28 15:13 - 2013-11-28 15:13 - 00000020 ___SH C:\Users\LBSB\ntuser.ini
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Vorlagen
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Startmenü
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Netzwerkumgebung
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Lokale Einstellungen
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Eigene Dateien
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Druckumgebung
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Documents\Eigene Musik
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Documents\Eigene Bilder
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Local\Verlauf
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Local\Anwendungsdaten
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Anwendungsdaten
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Adobe
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ____D C:\Users\LBSB\AppData\Local\VirtualStore
2013-11-28 15:13 - 2013-07-23 06:53 - 00000000 ____D C:\Users\LBSB\AppData\Local\Microsoft Help
2013-11-28 15:13 - 2013-04-02 10:28 - 00002131 _____ C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-28 15:13 - 2012-05-03 16:34 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Macromedia
2013-11-28 15:13 - 2009-10-30 11:21 - 00001304 _____ C:\Users\LBSB\Desktop\Backup and Restore Center.lnk
2013-11-28 15:13 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-28 15:13 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-28 15:13 - 2008-11-14 14:28 - 00000197 _____ C:\Users\LBSB\Desktop\Hyrican - Newsletter.url
2013-11-27 09:26 - 2011-09-22 21:07 - 00105832 _____ (Microsoft Corporation) C:\windows\system32\SQSRVRES.DLL
2013-11-27 09:26 - 2011-09-22 21:06 - 00109416 _____ (Microsoft Corporation) C:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-11-27 09:26 - 2011-09-22 17:18 - 00073064 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-11-27 09:25 - 2013-11-27 09:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-11-26 08:25 - 2013-11-26 08:25 - 00000044 _____ C:\windows\SysWOW64\sqlprov.log
2013-11-25 22:40 - 2013-11-25 22:40 - 00000000 ____D C:\Users\Alexander\AppData\Local\2zoom
2013-11-25 22:27 - 2013-11-25 22:27 - 00000000 ____D C:\Users\Alexander\.adito
2013-11-25 22:26 - 2013-11-25 22:54 - 00000000 ____D C:\meinCRM3
2013-11-25 22:13 - 2013-11-25 22:13 - 00000000 ____D C:\Users\Alexander\.yabs
2013-11-25 21:51 - 2013-11-25 21:51 - 00000000 ____D C:\windows\system32\RsFx
2013-11-25 21:51 - 2009-07-21 01:42 - 00078872 _____ (Microsoft Corporation) C:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2013-11-25 21:51 - 2009-07-21 01:42 - 00050200 _____ (Microsoft Corporation) C:\windows\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2013-11-25 21:50 - 2013-11-25 21:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-11-25 21:48 - 2013-11-27 09:21 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-25 21:48 - 2013-11-27 09:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-25 21:45 - 2013-12-02 19:41 - 00000000 ____D C:\bnice_setup
2013-11-25 21:29 - 2013-12-02 19:53 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Windows Net Data
2013-11-25 21:29 - 2013-11-25 22:17 - 00000000 ____D C:\Users\Alexander\AppData\Local\Conduit
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Steppat GmbH  - D 55743 Idar-Oberstein
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\ProgramData\Conduit
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-25 21:27 - 2013-11-25 21:29 - 00000009 _____ C:\END
2013-11-25 21:27 - 2013-11-25 21:27 - 00000000 ____D C:\Users\Alexander\AppData\Local\DownloadGuide
2013-11-25 20:50 - 2013-11-25 20:50 - 00000000 ____D C:\ProgramData\hds
2013-11-25 10:49 - 2013-12-02 08:42 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-22 17:04 - 2013-11-22 17:04 - 00335480 _____ (Bytro Labs) C:\Users\Alexander\Downloads\S1914JavaInstaller.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-20 09:26 - 2013-11-20 09:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-20 09:26 - 2013-11-20 09:27 - 00000000 ____D C:\Program Files\iTunes
2013-11-20 09:26 - 2013-11-20 09:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-20 09:26 - 2013-11-20 09:26 - 00000000 ____D C:\Program Files\iPod
2013-11-20 09:24 - 2013-11-20 09:24 - 00000000 ____D C:\Program Files\Bonjour
2013-11-20 09:24 - 2013-11-20 09:24 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-19 09:34 - 2013-11-19 09:34 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Avira
2013-11-19 09:29 - 2013-11-19 15:54 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 09:28 - 2013-12-03 10:19 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-19 09:28 - 2013-11-19 15:54 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 09:28 - 2013-11-19 15:54 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 09:28 - 2013-11-19 09:28 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-19 09:25 - 2013-12-02 10:48 - 00003376 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-19 09:25 - 2013-12-02 10:48 - 00003250 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\windows\ERUNT
2013-11-18 22:33 - 2013-11-18 22:33 - 01085542 _____ C:\Users\Alexander\Downloads\adwcleaner.exe
2013-11-18 19:20 - 2013-11-18 19:20 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-18 19:20 - 2013-11-18 19:20 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Malwarebytes
2013-11-18 19:20 - 2013-11-18 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 19:19 - 2013-11-18 19:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 19:19 - 2013-11-18 19:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alexander\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 19:19 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-11-18 17:17 - 2013-11-18 17:17 - 104931504 _____ C:\windows\SysWOW64\䒘గ„
2013-11-18 11:17 - 2013-11-18 11:17 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-11-18 11:17 - 2013-11-18 11:17 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-11-17 18:43 - 2013-11-17 18:43 - 00034881 _____ C:\ComboFix.txt
2013-11-17 17:38 - 2013-11-17 18:43 - 00000000 ____D C:\ComboFix
2013-11-17 17:04 - 2013-11-17 18:43 - 00000000 ____D C:\Qoobox
2013-11-17 17:04 - 2013-11-17 17:33 - 00000000 ____D C:\windows\erdnt
2013-11-17 17:04 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2013-11-17 17:04 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2013-11-17 17:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-11-17 17:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-11-17 17:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-11-17 17:04 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2013-11-17 17:04 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2013-11-17 17:04 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2013-11-16 08:48 - 2013-11-16 08:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 08:09 - 2013-11-16 08:09 - 00000000 ____D C:\FRST
2013-11-16 08:07 - 2013-11-16 08:07 - 00050477 _____ C:\Users\Alexander\Downloads\Defogger.exe
2013-11-16 08:07 - 2013-11-16 08:07 - 00000000 _____ C:\Users\Alexander\defogger_reenable
2013-11-13 15:26 - 2013-11-13 15:26 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\appthology.net
2013-11-13 13:56 - 2013-11-13 13:57 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MediaMan
2013-11-13 12:22 - 2013-11-13 12:25 - 00000736 _____ C:\windows\SysWOW64\ImageCaptureSuite.lic
2013-11-13 12:22 - 2013-11-13 12:22 - 00000052 _____ C:\windows\SysWOW64\ds_icsdr_f.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-12 22:58 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2013-11-12 22:58 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-12 22:58 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-12 22:58 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2013-11-12 22:58 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2013-11-12 22:58 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2013-11-12 22:58 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2013-11-12 22:58 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2013-11-12 22:58 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2013-11-12 22:58 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2013-11-12 22:58 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2013-11-12 22:58 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2013-11-12 22:58 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2013-11-12 22:58 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2013-11-12 22:58 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2013-11-12 22:58 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2013-11-12 22:58 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-11-12 22:58 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-11-12 22:53 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-12 22:53 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-12 22:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-12 22:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-12 22:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-12 22:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 22:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-12 22:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-12 22:53 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-12 22:53 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-12 22:53 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-12 22:53 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-12 22:53 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-12 22:53 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-12 22:53 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-12 22:53 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-12 22:53 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-12 22:53 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-12 22:53 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-12 22:53 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-12 22:53 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-12 22:51 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-12 22:51 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-12 22:51 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-12 22:51 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-12 22:51 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 22:51 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-12 22:51 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-09 17:49 - 2013-11-09 17:49 - 00000000 ____D C:\Users\Alexander\Downloads\CRMadar
2013-11-09 17:36 - 2013-11-09 17:36 - 00001106 _____ C:\Users\Kinder\Desktop\Zeiterfassung.lnk
2013-11-09 17:36 - 2013-11-09 17:36 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\IT-Service Christian Hau (Internet, Netzwerke, EDV-Service :: IT-Service Christian Hau, Memmingen)
2013-11-09 17:29 - 2013-11-09 17:34 - 00000000 ____D C:\Users\Alexander\AppData\Local\Deployment
2013-11-09 17:29 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Apps\2.0
2013-11-09 15:15 - 2013-11-09 15:15 - 00000089 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-11-09 15:14 - 2013-11-09 15:18 - 00000000 ____D C:\Program Files (x86)\EasyFirma
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\WoAx-IT
2013-11-09 09:07 - 2013-12-05 17:58 - 00000000 ____D C:\Users\Alexander\AppData\Local\FutureCode
2013-11-09 09:07 - 2013-12-05 17:58 - 00000000 ____D C:\ProgramData\firebird
2013-11-09 09:06 - 2013-12-02 21:47 - 00000000 ____D C:\Users\Public\Documents\FutureCode
2013-11-09 09:06 - 2013-11-09 09:06 - 06399352 _____ (                                                            ) C:\Users\Alexander\Downloads\cassandra_setup.exe
2013-11-06 15:24 - 2013-11-06 15:24 - 00001172 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2013 Premium.lnk
2013-11-06 13:54 - 2013-11-06 13:54 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicEditor
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\ChromeExtensions
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempcd836cd86b6a58a7710ad2c090db7860
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Temp6c805cd7a53f3698b5c0466f4ab6d0bb
2013-11-06 13:43 - 2013-11-06 13:43 - 00669952 _____ C:\Users\Alexander\Downloads\MAGIX-Music-Maker-2013-Premium-Setup.exe
2013-11-06 00:49 - 2013-11-06 20:53 - 00000000 ____D C:\windows\Lhsp
2013-11-06 00:49 - 2013-11-06 00:52 - 00000000 ____D C:\Users\Alexander\AppData\Local\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:51 - 00000000 ____D C:\Program Files (x86)\Virtual Voice
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\Documents\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\cache
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\.android
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 _____ C:\Users\Alexander\daemonprocess.txt
2013-11-06 00:48 - 2013-11-06 00:52 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-11-06 00:34 - 2013-11-06 00:37 - 00000000 ____D C:\Program Files (x86)\MWS Reader 5
2013-11-06 00:33 - 2013-11-06 00:33 - 63070500 _____ (directINNOVATION UG (haftungsbeschränkt)                    ) C:\Users\Alexander\Downloads\mwsr5_setup.exe

==================== One Month Modified Files and Folders =======

2013-12-06 10:14 - 2013-12-06 10:14 - 00023671 _____ C:\Users\Alexander\Desktop\FRST.txt
2013-12-06 10:12 - 2013-12-06 10:12 - 01925140 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2013-12-06 09:50 - 2011-03-28 07:06 - 01072479 _____ C:\windows\WindowsUpdate.log
2013-12-06 09:45 - 2012-04-11 08:18 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 08:41 - 2012-08-16 12:19 - 00000000 ____D C:\Users\Alexander
2013-12-06 08:40 - 2009-07-14 05:45 - 00018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 08:40 - 2009-07-14 05:45 - 00018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 08:32 - 2013-11-29 11:31 - 00001783 _____ C:\windows\setupact.log
2013-12-06 08:32 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-05 17:58 - 2013-11-09 09:07 - 00000000 ____D C:\Users\Alexander\AppData\Local\FutureCode
2013-12-05 17:58 - 2013-11-09 09:07 - 00000000 ____D C:\ProgramData\firebird
2013-12-05 09:45 - 2013-11-29 11:30 - 00007626 _____ C:\windows\PFRO.log
2013-12-04 21:35 - 2013-08-12 09:14 - 00000000 ____D C:\Users\Alexander\Desktop\Sammel Ordner Wichtig
2013-12-04 18:38 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2013-12-04 15:36 - 2012-08-16 13:37 - 00000000 ____D C:\Users\Alexander\Desktop\Tina
2013-12-03 10:19 - 2013-11-19 09:28 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-12-02 22:59 - 2012-08-16 13:25 - 00551424 ___SH C:\Users\Alexander\Desktop\Thumbs.db
2013-12-02 21:48 - 2013-11-01 16:55 - 00000000 ____D C:\Users\Alexander\Desktop\Selbständig
2013-12-02 21:47 - 2013-11-09 09:06 - 00000000 ____D C:\Users\Public\Documents\FutureCode
2013-12-02 21:45 - 2013-12-02 21:45 - 00000000 ____D C:\Program Files (x86)\FutureCode
2013-12-02 21:10 - 2012-09-22 22:18 - 00000000 ____D C:\Users\Alexander\AppData\Local\Downloaded Installations
2013-12-02 19:53 - 2013-12-02 19:53 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5_
2013-12-02 19:53 - 2013-12-02 19:53 - 00000000 ____D C:\allegro-it
2013-12-02 19:53 - 2013-11-25 21:29 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Windows Net Data
2013-12-02 19:53 - 2012-08-16 12:19 - 00000000 ___RD C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-02 19:45 - 2013-12-02 19:45 - 00000000 ____D C:\Users\Alexander\AppData\Local\bNICE
2013-12-02 19:44 - 2013-12-02 19:44 - 00000000 ____D C:\Users\Public\Documents\bNICE
2013-12-02 19:41 - 2013-11-25 21:45 - 00000000 ____D C:\bnice_setup
2013-12-02 10:48 - 2013-11-19 09:25 - 00003376 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-12-02 10:48 - 2013-11-19 09:25 - 00003250 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-12-02 08:43 - 2012-08-17 13:20 - 00000000 ____D C:\Users\Alexander\AppData\Local\Adobe
2013-12-02 08:43 - 2012-04-11 08:18 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 08:42 - 2013-11-25 10:49 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 08:42 - 2011-05-20 06:44 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 08:34 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-01 20:29 - 2009-07-14 18:58 - 00813270 _____ C:\windows\system32\perfh007.dat
2013-12-01 20:29 - 2009-07-14 18:58 - 00193260 _____ C:\windows\system32\perfc007.dat
2013-12-01 20:29 - 2009-07-14 06:13 - 01940624 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-01 16:13 - 2013-01-06 08:01 - 00003016 _____ C:\windows\System32\Tasks\{124F2ECE-ABCD-448A-9E9C-BB147A7617EE}
2013-12-01 13:44 - 2013-12-01 13:44 - 30992256 _____ C:\Users\Alexander\Downloads\TomTomHOME2winlatest.exe
2013-11-30 15:48 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\sqlnativeclient
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\wwwroot
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\trace
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\stats
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\srsdataconnector
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\sql
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\reports
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\pfiles
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\gac
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\dw
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\de
2013-11-30 15:47 - 2013-11-30 15:47 - 00000000 ____D C:\Users\Alexander\Downloads\bin
2013-11-30 12:12 - 2013-11-30 12:12 - 00000921 _____ C:\Users\Alexander\Desktop\Windows Mobile-Gerätecenter.lnk
2013-11-30 12:08 - 2013-11-30 12:08 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2013-11-30 12:07 - 2013-11-30 12:06 - 00000000 ____D C:\windows\WindowsMobile
2013-11-30 11:30 - 2013-11-30 11:30 - 00003046 _____ C:\windows\System32\Tasks\{A6743D49-844D-4C20-A65B-4310E0DB6230}
2013-11-29 11:31 - 2013-11-29 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-11-28 21:44 - 2013-11-28 21:44 - 00000892 _____ C:\Users\Alexander\Desktop\Nvu (2).lnk
2013-11-28 20:59 - 2013-11-28 20:59 - 00000000 ____D C:\Users\Kinder\AppData\Roaming\Avira
2013-11-28 20:53 - 2012-08-16 14:54 - 00000000 ____D C:\Users\Kinder
2013-11-28 20:16 - 2012-03-30 11:43 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-28 20:16 - 2011-04-17 21:05 - 00000000 ____D C:\ProgramData\Skype
2013-11-28 19:49 - 2013-11-28 19:49 - 00000000 ____D C:\Program Files\Windows Live
2013-11-28 19:49 - 2012-12-07 16:21 - 00000000 ____D C:\Users\Alexander\AppData\Local\CrashDumps
2013-11-28 19:48 - 2013-11-28 19:48 - 00003172 _____ C:\windows\System32\Tasks\{120A297E-0763-4DA0-82DB-AE993DE3AF2D}
2013-11-28 18:28 - 2013-11-28 18:28 - 00003296 _____ C:\windows\System32\Tasks\{0BF1626A-B21A-41E5-8584-ED9F7A784F0A}
2013-11-28 18:16 - 2013-11-28 18:16 - 00000000 ____D C:\Users\Alexander\Documents\My Weblog Posts
2013-11-28 18:16 - 2012-08-16 13:46 - 00000000 ____D C:\Users\Alexander\AppData\Local\Windows Live Writer
2013-11-28 16:55 - 2013-11-28 16:54 - 00000000 ____D C:\Users\Alexander\AppData\Local\{4D77D3BE-2945-4711-B617-14B3B6BC7DD3}
2013-11-28 16:08 - 2013-11-28 15:13 - 00000000 ____D C:\Users\LBSB
2013-11-28 15:54 - 2013-11-28 15:54 - 00000000 ____D C:\Users\LBSB\AppData\Local\mquadr.at
2013-11-28 15:54 - 2013-11-28 15:26 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Skype
2013-11-28 15:53 - 2013-11-28 15:53 - 00000000 ____D C:\Users\Kinder\AppData\Roaming\Skype
2013-11-28 15:48 - 2012-08-25 10:33 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Skype
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Avira
2013-11-28 15:14 - 2013-11-28 15:14 - 00154048 _____ C:\Users\LBSB\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Mozilla
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Local\Mozilla
2013-11-28 15:14 - 2013-11-28 15:14 - 00000000 ____D C:\Users\LBSB\AppData\Local\DTAG
2013-11-28 15:13 - 2013-11-28 15:13 - 00001392 _____ C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 15:13 - 2013-11-28 15:13 - 00000306 __RSH C:\Users\LBSB\ntuser.pol
2013-11-28 15:13 - 2013-11-28 15:13 - 00000020 ___SH C:\Users\LBSB\ntuser.ini
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Vorlagen
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Startmenü
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Netzwerkumgebung
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Lokale Einstellungen
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Eigene Dateien
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Druckumgebung
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Documents\Eigene Musik
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Documents\Eigene Bilder
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Local\Verlauf
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\AppData\Local\Anwendungsdaten
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 _SHDL C:\Users\LBSB\Anwendungsdaten
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ___RD C:\Users\LBSB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ____D C:\Users\LBSB\AppData\Roaming\Adobe
2013-11-28 15:13 - 2013-11-28 15:13 - 00000000 ____D C:\Users\LBSB\AppData\Local\VirtualStore
2013-11-28 15:06 - 2012-08-16 15:02 - 00154048 _____ C:\Users\Kinder\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-28 15:05 - 2012-08-16 14:54 - 00001432 _____ C:\Users\Kinder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-28 15:05 - 2012-08-16 14:54 - 00000000 ___RD C:\Users\Kinder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 15:05 - 2012-08-16 14:54 - 00000000 ___RD C:\Users\Kinder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-28 08:27 - 2011-04-05 13:33 - 01915486 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-27 09:25 - 2013-11-27 09:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-11-27 09:21 - 2013-11-25 21:48 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-27 09:21 - 2013-11-25 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-26 08:25 - 2013-11-26 08:25 - 00000044 _____ C:\windows\SysWOW64\sqlprov.log
2013-11-26 06:08 - 2013-07-21 19:51 - 00000000 ____D C:\Program Files\Google
2013-11-26 06:08 - 2013-01-13 14:03 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-25 23:02 - 2011-04-08 17:32 - 00003694 _____ C:\windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-11-25 22:54 - 2013-11-25 22:26 - 00000000 ____D C:\meinCRM3
2013-11-25 22:44 - 2013-04-10 15:20 - 00216064 ___SH C:\Users\Alexander\Documents\Thumbs.db
2013-11-25 22:40 - 2013-11-25 22:40 - 00000000 ____D C:\Users\Alexander\AppData\Local\2zoom
2013-11-25 22:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration
2013-11-25 22:27 - 2013-11-25 22:27 - 00000000 ____D C:\Users\Alexander\.adito
2013-11-25 22:17 - 2013-11-25 21:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Conduit
2013-11-25 22:13 - 2013-11-25 22:13 - 00000000 ____D C:\Users\Alexander\.yabs
2013-11-25 21:51 - 2013-11-25 21:51 - 00000000 ____D C:\windows\system32\RsFx
2013-11-25 21:50 - 2013-11-25 21:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-11-25 21:50 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Steppat GmbH  - D 55743 Idar-Oberstein
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\ProgramData\Conduit
2013-11-25 21:29 - 2013-11-25 21:29 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-25 21:29 - 2013-11-25 21:27 - 00000009 _____ C:\END
2013-11-25 21:29 - 2013-01-13 14:03 - 00000000 ____D C:\Users\Alexander\AppData\Local\Google
2013-11-25 21:27 - 2013-11-25 21:27 - 00000000 ____D C:\Users\Alexander\AppData\Local\DownloadGuide
2013-11-25 20:52 - 2012-08-16 12:19 - 00000000 ____D C:\Users\Alexander\AppData\Local\VirtualStore
2013-11-25 20:50 - 2013-11-25 20:50 - 00000000 ____D C:\ProgramData\hds
2013-11-25 12:02 - 2012-08-16 14:39 - 00003230 _____ C:\windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3871666134-2697713090-3799736864-1017
2013-11-25 12:01 - 2011-04-08 17:32 - 00003758 _____ C:\windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2013-11-25 11:48 - 2013-11-04 14:19 - 00003550 _____ C:\windows\System32\Tasks\Moo0 Multi-Desktop 1.17
2013-11-25 10:58 - 2013-10-05 13:01 - 00000000 ____D C:\ProgramData\Google
2013-11-25 10:57 - 2013-01-06 08:22 - 00007596 _____ C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg
2013-11-24 17:52 - 2011-04-16 20:01 - 00003704 _____ C:\windows\System32\Tasks\Java Update Scheduler
2013-11-24 16:38 - 2011-05-20 13:56 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2013-11-22 21:09 - 2011-04-27 12:00 - 00000000 ____D C:\windows\System32\Tasks\Games
2013-11-22 17:04 - 2013-11-22 17:04 - 00335480 _____ (Bytro Labs) C:\Users\Alexander\Downloads\S1914JavaInstaller.exe
2013-11-22 14:20 - 2013-10-17 13:56 - 00000000 ____D C:\ProgramData\Oracle
2013-11-22 14:19 - 2013-11-22 14:19 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-11-22 14:19 - 2013-11-22 14:19 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-22 14:19 - 2013-08-20 16:11 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-21 08:14 - 2009-07-14 03:34 - 85458944 _____ C:\windows\system32\config\SOFTWARE_tureg_old
2013-11-21 08:14 - 2009-07-14 03:34 - 20185088 _____ C:\windows\system32\config\SYSTEM_tureg_old
2013-11-21 08:14 - 2009-07-14 03:34 - 00032768 _____ C:\windows\system32\config\SECURITY_tureg_old
2013-11-20 21:47 - 2009-07-14 03:34 - 00524288 _____ C:\windows\system32\config\DEFAULT_tureg_old
2013-11-20 21:47 - 2009-07-14 03:34 - 00135168 _____ C:\windows\system32\config\SAM_tureg_old
2013-11-20 12:34 - 2013-10-18 09:40 - 00000000 ____D C:\Users\Alexander\Documents\Taxpool-Buchhalter
2013-11-20 09:52 - 2012-08-16 13:37 - 00000000 ___RD C:\Users\Alexander\Desktop\Player
2013-11-20 09:27 - 2013-11-20 09:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-20 09:27 - 2013-11-20 09:26 - 00000000 ____D C:\Program Files\iTunes
2013-11-20 09:27 - 2013-11-20 09:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-20 09:26 - 2013-11-20 09:26 - 00000000 ____D C:\Program Files\iPod
2013-11-20 09:24 - 2013-11-20 09:24 - 00000000 ____D C:\Program Files\Bonjour
2013-11-20 09:24 - 2013-11-20 09:24 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-19 15:54 - 2013-11-19 09:29 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 15:54 - 2013-11-19 09:28 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 15:54 - 2013-11-19 09:28 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 09:34 - 2013-11-19 09:34 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Avira
2013-11-19 09:31 - 2012-08-16 13:38 - 00000000 ___RD C:\Users\Alexander\Desktop\Wichtige Programme PC
2013-11-19 09:28 - 2013-11-19 09:28 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-19 09:28 - 2013-08-30 08:12 - 00000000 ____D C:\ProgramData\Avira
2013-11-18 23:51 - 2012-08-16 13:26 - 00000000 ___RD C:\Users\Alexander\Desktop\DVD ertellen
2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\windows\ERUNT
2013-11-18 22:35 - 2013-10-22 13:59 - 00000000 ____D C:\AdwCleaner
2013-11-18 22:33 - 2013-11-18 22:33 - 01085542 _____ C:\Users\Alexander\Downloads\adwcleaner.exe
2013-11-18 19:29 - 2013-09-21 11:38 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-18 19:20 - 2013-11-18 19:20 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-18 19:20 - 2013-11-18 19:20 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Malwarebytes
2013-11-18 19:20 - 2013-11-18 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 19:20 - 2013-11-18 19:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 19:19 - 2013-11-18 19:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alexander\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 17:17 - 2013-11-18 17:17 - 104931504 _____ C:\windows\SysWOW64\䒘గ„
2013-11-18 11:17 - 2013-11-18 11:17 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-11-18 11:17 - 2013-11-18 11:17 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-11-17 18:43 - 2013-11-17 18:43 - 00034881 _____ C:\ComboFix.txt
2013-11-17 18:43 - 2013-11-17 17:38 - 00000000 ____D C:\ComboFix
2013-11-17 18:43 - 2013-11-17 17:04 - 00000000 ____D C:\Qoobox
2013-11-17 18:27 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini
2013-11-17 17:37 - 2009-07-14 04:20 - 00000000 ___RD C:\Users\Default
2013-11-17 17:33 - 2013-11-17 17:04 - 00000000 ____D C:\windows\erdnt
2013-11-16 16:56 - 2013-02-25 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 08:48 - 2013-11-16 08:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 08:09 - 2013-11-16 08:09 - 00000000 ____D C:\FRST
2013-11-16 08:07 - 2013-11-16 08:07 - 00050477 _____ C:\Users\Alexander\Downloads\Defogger.exe
2013-11-16 08:07 - 2013-11-16 08:07 - 00000000 _____ C:\Users\Alexander\defogger_reenable
2013-11-15 18:50 - 2011-01-18 08:18 - 00000000 ____D C:\windows\Panther
2013-11-15 18:21 - 2009-07-14 05:54 - 00000749 ___RH C:\windows\WindowsShell.Manifest
2013-11-15 18:21 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-13 15:26 - 2013-11-13 15:26 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\appthology.net
2013-11-13 13:57 - 2013-11-13 13:56 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MediaMan
2013-11-13 12:25 - 2013-11-13 12:22 - 00000736 _____ C:\windows\SysWOW64\ImageCaptureSuite.lic
2013-11-13 12:22 - 2013-11-13 12:22 - 00000052 _____ C:\windows\SysWOW64\ds_icsdr_f.dll
2013-11-13 12:22 - 2013-06-29 15:22 - 00000000 ____D C:\windows\Downloaded Installations
2013-11-13 10:36 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2013-11-12 23:31 - 2012-08-16 12:19 - 00001304 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 23:27 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-12 22:59 - 2013-11-12 22:59 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-12 22:59 - 2013-11-12 22:59 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-12 22:59 - 2013-11-12 22:59 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-12 22:59 - 2013-11-12 22:59 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-12 22:59 - 2013-11-12 22:59 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-12 22:59 - 2013-11-12 22:59 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-12 22:59 - 2013-11-12 22:59 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-12 22:59 - 2013-11-12 22:59 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-12 22:58 - 2011-08-31 10:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 22:57 - 2013-07-20 07:46 - 00000000 ____D C:\windows\system32\MRT
2013-11-12 22:55 - 2011-01-18 13:24 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-11 05:50 - 2011-01-18 13:24 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-09 17:49 - 2013-11-09 17:49 - 00000000 ____D C:\Users\Alexander\Downloads\CRMadar
2013-11-09 17:36 - 2013-11-09 17:36 - 00001106 _____ C:\Users\Kinder\Desktop\Zeiterfassung.lnk
2013-11-09 17:36 - 2013-11-09 17:36 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\IT-Service Christian Hau (Internet, Netzwerke, EDV-Service :: IT-Service Christian Hau, Memmingen)
2013-11-09 17:34 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Deployment
2013-11-09 17:29 - 2013-11-09 17:29 - 00000000 ____D C:\Users\Alexander\AppData\Local\Apps\2.0
2013-11-09 15:18 - 2013-11-09 15:14 - 00000000 ____D C:\Program Files (x86)\EasyFirma
2013-11-09 15:15 - 2013-11-09 15:15 - 00000089 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-11-09 15:04 - 2013-11-09 15:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\WoAx-IT
2013-11-09 09:06 - 2013-11-09 09:06 - 06399352 _____ (                                                            ) C:\Users\Alexander\Downloads\cassandra_setup.exe
2013-11-06 20:53 - 2013-11-06 00:49 - 00000000 ____D C:\windows\Lhsp
2013-11-06 16:40 - 2012-08-16 12:19 - 00154048 _____ C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-06 16:39 - 2009-07-14 05:45 - 00518408 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-06 16:38 - 2013-02-01 15:05 - 00000000 ____D C:\Users\Alexander\AppData\Local\MWSReader
2013-11-06 15:25 - 2013-10-26 15:38 - 00000000 ___RD C:\Users\Alexander\Documents\MAGIX
2013-11-06 15:25 - 2013-10-26 14:06 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\MAGIX
2013-11-06 15:24 - 2013-11-06 15:24 - 00001172 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2013 Premium.lnk
2013-11-06 15:24 - 2013-10-26 15:38 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2013-11-06 15:23 - 2011-06-07 21:29 - 00000000 ____D C:\ProgramData\MAGIX
2013-11-06 15:23 - 2011-06-07 21:28 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-11-06 13:54 - 2013-11-06 13:54 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicEditor
2013-11-06 13:54 - 2011-06-07 21:28 - 00120200 _____ () C:\windows\SysWOW64\DLLDEV32i.dll
2013-11-06 13:52 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\ChromeExtensions
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempf7047157dd040fda92acb3348e9a60d5
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Tempcd836cd86b6a58a7710ad2c090db7860
2013-11-06 13:44 - 2013-11-06 13:44 - 00000000 ____D C:\Users\Alexander\AppData\Local\Temp6c805cd7a53f3698b5c0466f4ab6d0bb
2013-11-06 13:43 - 2013-11-06 13:43 - 00669952 _____ C:\Users\Alexander\Downloads\MAGIX-Music-Maker-2013-Premium-Setup.exe
2013-11-06 13:33 - 2013-10-26 14:11 - 00000000 ____D C:\Users\Alexander\Documents\MAGIX_MusicMaker15_for_MySpace
2013-11-06 13:33 - 2013-10-26 14:10 - 00000000 ____D C:\windows\SysWOW64\MAGIX
2013-11-06 00:52 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\Mobogenie
2013-11-06 00:52 - 2013-11-06 00:48 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-11-06 00:51 - 2013-11-06 00:49 - 00000000 ____D C:\Program Files (x86)\Virtual Voice
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\Documents\Mobogenie
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\cache
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 ____D C:\Users\Alexander\.android
2013-11-06 00:49 - 2013-11-06 00:49 - 00000000 _____ C:\Users\Alexander\daemonprocess.txt
2013-11-06 00:49 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Speech
2013-11-06 00:37 - 2013-11-06 00:34 - 00000000 ____D C:\Program Files (x86)\MWS Reader 5
2013-11-06 00:33 - 2013-11-06 00:33 - 63070500 _____ (directINNOVATION UG (haftungsbeschränkt)                    ) C:\Users\Alexander\Downloads\mwsr5_setup.exe

Files to move or delete:
====================
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\proadress_setup.exe
C:\Users\Alexander\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Alexander\AppData\Local\Temp\sdapskill.exe
C:\Users\Kinder\AppData\Local\Temp\avgnt.exe
C:\Users\LBSB\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 11:22

==================== End Of Log ============================
         
--- --- ---

Antwort

Themen zu Bei Win7 Start Fehlermeldung RundDLL.
alexa, appdata, backgroundcontainer, beim starten, folge, mobogenie, mobogenie entfernen, neu, passwort abfrage, pup.optional.browsefox.a, pup.optional.conduit.a, pup.optional.crossrider, pup.optional.downloadguide.a, pup.optional.iminent.a, pup.optional.netdata.a, pup.optional.optimizerpro.a, pup.optional.softonic, pup.optional.softonic.a, pup.optional.somoto, pup.optional.sweetim.a, pup.optional.wajam.a, spyhunter, spyhunter entfernen, starten, windows



Ähnliche Themen: Bei Win7 Start Fehlermeldung RundDLL.


  1. Fehlermeldung nach Start des Laptops
    Lob, Kritik und Wünsche - 12.06.2014 (0)
  2. Fehlermeldung beim Start des Laptops
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (23)
  3. dll Fehlermeldung beim start des rechner`s
    Log-Analyse und Auswertung - 20.02.2014 (5)
  4. RunDll Fehlermeldung beim Start des Computers
    Plagegeister aller Art und deren Bekämpfung - 14.02.2014 (14)
  5. Backgroundcontainer.dll Fehlermeldung bei Start des Rechners (2*)
    Plagegeister aller Art und deren Bekämpfung - 18.01.2014 (9)
  6. Fehlermeldung beim Start
    Log-Analyse und Auswertung - 06.12.2013 (9)
  7. GMER Fehlermeldung bei Start - W7 x64
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (7)
  8. Fehlermeldung nach Start: Der Server ist ausgelastet!
    Plagegeister aller Art und deren Bekämpfung - 27.09.2013 (19)
  9. Windows Fehlermeldung beim Start
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (19)
  10. Fehlermeldung beim Start: Server ist ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 23.02.2013 (32)
  11. Ebenfalls: Fehlermeldung beim Start: Server ist ausgelastet / WIN7
    Plagegeister aller Art und deren Bekämpfung - 02.12.2012 (5)
  12. Fehlermeldung beim Start: 0.9708446801150707.exe
    Log-Analyse und Auswertung - 02.02.2012 (8)
  13. DLL Fehlermeldung beim Start von WIndows7
    Plagegeister aller Art und deren Bekämpfung - 24.11.2011 (1)
  14. Fehlermeldung bei Start: activexdebugger32.exe
    Plagegeister aller Art und deren Bekämpfung - 23.01.2008 (3)
  15. Windows Fehlermeldung nach Start
    Alles rund um Windows - 26.11.2007 (1)
  16. Trojaner!Fehlermeldung beim start-wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 08.11.2007 (7)
  17. Fehlermeldung beim Start von Windows
    Log-Analyse und Auswertung - 13.10.2005 (6)

Zum Thema Bei Win7 Start Fehlermeldung RundDLL. - Hallo folgender Fehler taucht seit 13.11.2013 ständig auf wenn Win7 die Programme hochfahren tut. RundDLL Problem beim Starten von C:\User\Alexander\AppData\Local\Comduit\BackgroundContainer\BackgroundContainer.dll Das angegebene Modul wurde nicht gefunden. Der RundDLL taucht immer - Bei Win7 Start Fehlermeldung RundDLL....
Archiv
Du betrachtest: Bei Win7 Start Fehlermeldung RundDLL. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.