| |
| |||||||
Log-Analyse und Auswertung: Turbo-Lister blockiert WebbrowserWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
28.11.2013, 13:15
| #16 |
| /// the machine /// TB-Ausbilder    |  Turbo-Lister blockiert Webbrowser BEsteht das Problem mit der Verbindung immer noch`?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.11.2013, 19:17
| #17 |
 | Turbo-Lister blockiert Webbrowser Hallo schrauber,
__________________die Verbindungsprobleme bestehen immer noch. Leider. An was könnte es denn noch liegen ? Gruß Waldo |
|
29.11.2013, 15:27
| #18 |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert Webbrowser Was genau passiert denn wenn die Verbindung weg geht, bevor du neu startest?
__________________
__________________ |
|
02.12.2013, 19:21
| #19 | |
| | Turbo-Lister blockiert WebbrowserZitat:
Es ist dann alles langsamer als eine 56kBit Verbindung wie vor 15 Jahren. Trotz meiner 50 MBit. |
|
03.12.2013, 11:40
| #20 |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert Webbrowser Woran merkst Du dass die Verbindung weg ist? Ist sie physisch weg, sprich du bekommst ne Meldung Netzwerk getrennt oder sonstwas? Was sagt dein verbindungssymbol in der Taskleiste in dem Moment?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.12.2013, 10:23
| #21 |
| | Turbo-Lister blockiert Webbrowser Hallo schrauber, das Netzwerksymbol zeigt keine Trennung vom Internet an. es wird nur alles seeeehr langsam. Fast wie in Zeitlupe. Laufen evtl. Prozesse im Hintergrund die dies verursachen ??? Gruß Waldo |
|
07.12.2013, 12:41
| #22 | |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert WebbrowserZitat:
Wo bemerkst Du dass der Speed weniger wird? Nur im Browser? In welchem Browser? Andere browser versucht?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.12.2013, 13:40
| #23 |
| | Turbo-Lister blockiert Webbrowser Hallo, der Speed wird nicht merklich langsamer, vielmehr ist der komplett weg. Die Übermittlungsanzeige beim Outlook bleibt hängen, Browser lassen sich zwar alternativ starten, aber nicht benutzen. Als hauptbrowser beutze ich Opera, Chrome und Firefox ab und zu, IE nur selten und auch nur für eine Forumsseite. Gruß Waldo |
|
16.12.2013, 09:21
| #24 |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert Webbrowser Trenn mal bitte den Router 30 min vom Strom, dann: Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier. Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.12.2013, 19:22
| #25 |
| | Turbo-Lister blockiert Webbrowser Hallo schrauber, anbei das Result von MiniToolBox Code:
ATTFilter MiniToolBox by Farbar Version: 13-07-2013
Ran by Microstar (administrator) on 17-12-2013 at 19:36:23
Running from "C:\Users\Microstar\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
# ::1 localhost
========================= IP Configuration: ================================
Realtek PCIe GBE Family Controller = LAN-Verbindung (Connected)
# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4
reset
set global defaultcurhoplimit=64 icmpredirects=enabled
popd
# Ende der IPv4-Konfiguration
Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : Microstar-PC
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : fritz.box
Ethernet-Adapter LAN-Verbindung:
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physikalische Adresse . . . . . . : 8C-89-A5-A4-69-1B
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::d23:da66:466b:1700%12(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.178.32(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Dienstag, 17. Dezember 2013 17:20:42
Lease l„uft ab. . . . . . . . . . : Freitag, 27. Dezember 2013 19:33:36
Standardgateway . . . . . . . . . : 192.168.178.1
DHCP-Server . . . . . . . . . . . : 192.168.178.1
DHCPv6-IAID . . . . . . . . . . . : 258761325
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-F2-E4-9D-8C-89-A5-A4-69-1B
DNS-Server . . . . . . . . . . . : 192.168.178.1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Tunneladapter isatap.fritz.box:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter LAN-Verbindung* 3:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6ab8:2018:276:3f57:4ddf(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::2018:276:3f57:4ddf%11(Bevorzugt)
Standardgateway . . . . . . . . . : ::
NetBIOS ber TCP/IP . . . . . . . : Deaktiviert
Server: fritz.box
Address: 192.168.178.1
Name: google.com
Addresses: 2a00:1450:4001:805::1001
173.194.112.164
173.194.112.161
173.194.112.165
173.194.112.168
173.194.112.162
173.194.112.167
173.194.112.163
173.194.112.160
173.194.112.166
173.194.112.169
173.194.112.174
Ping wird ausgefhrt fr google.com [173.194.112.164] mit 32 Bytes Daten:
Antwort von 173.194.112.164: Bytes=32 Zeit=23ms TTL=58
Antwort von 173.194.112.164: Bytes=32 Zeit=24ms TTL=58
Ping-Statistik fr 173.194.112.164:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 23ms, Maximum = 24ms, Mittelwert = 23ms
Server: fritz.box
Address: 192.168.178.1
Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24
Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=192ms TTL=41
Antwort von 206.190.36.45: Bytes=32 Zeit=193ms TTL=42
Ping-Statistik fr 206.190.36.45:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 192ms, Maximum = 193ms, Mittelwert = 192ms
Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=64
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=64
Ping-Statistik fr 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
12...8c 89 a5 a4 69 1b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.32 10
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.32 266
192.168.178.32 255.255.255.255 Auf Verbindung 192.168.178.32 266
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.32 266
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.32 266
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.32 266
===========================================================================
St„ndige Routen:
Keine
IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
11 58 ::/0 Auf Verbindung
1 306 ::1/128 Auf Verbindung
11 58 2001::/32 Auf Verbindung
11 306 2001:0:9d38:6ab8:2018:276:3f57:4ddf/128
Auf Verbindung
12 266 fe80::/64 Auf Verbindung
11 306 fe80::/64 Auf Verbindung
12 266 fe80::d23:da66:466b:1700/128
Auf Verbindung
11 306 fe80::2018:276:3f57:4ddf/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
11 306 ff00::/8 Auf Verbindung
12 266 ff00::/8 Auf Verbindung
===========================================================================
St„ndige Routen:
Keine
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (12/17/2013 07:16:09 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (User: )
Description: 1 2013-12-17 19:16:09+02:00 MICROSTAR-PC Microstar-PC\Microstar F-Secure Anti-Virus
Crash detected.
Error: (12/17/2013 05:22:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/17/2013 05:22:04 PM) (Source: SetupARService) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/17/2013 05:21:57 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (12/16/2013 05:15:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/16/2013 05:15:26 PM) (Source: SetupARService) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/16/2013 05:15:00 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (12/15/2013 10:28:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (12/15/2013 10:28:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (12/15/2013 09:01:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/17/2013 07:35:40 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:45:53 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:43:49 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:41:45 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:39:42 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:37:38 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:35:34 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:33:32 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:31:26 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Error: (12/17/2013 05:29:23 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1
Microsoft Office Sessions:
=========================
Error: (12/17/2013 07:16:09 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus)(User: )
Description: 1 2013-12-17 19:16:09+02:00 MICROSTAR-PC Microstar-PC\Microstar F-Secure Anti-Virus
Crash detected.
Error: (12/17/2013 05:22:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/17/2013 05:22:04 PM) (Source: SetupARService)(User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/17/2013 05:21:57 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (12/16/2013 05:15:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/16/2013 05:15:26 PM) (Source: SetupARService)(User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (12/16/2013 05:15:00 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (12/15/2013 10:28:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
Error: (12/15/2013 10:28:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
Error: (12/15/2013 09:01:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-09-04 17:13:03.717
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-04 17:12:54.937
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-23 18:44:42.707
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-21 22:23:19.438
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-21 22:23:03.505
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-19 12:38:47.776
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-19 12:35:08.882
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
========================= Memory info: ===================================
Percentage of memory in use: 37%
Total physical RAM: 6125.64 MB
Available physical RAM: 3834.68 MB
Total Pagefile: 12249.46 MB
Available Pagefile: 9790.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.71 MB
========================= Partitions: =====================================
1 Drive c: (Boot) (Fixed) (Total:390.63 GB) (Free:13.9 GB) NTFS
2 Drive d: (Recover) (Fixed) (Total:390.62 GB) (Free:130.83 GB) NTFS
4 Drive f: () (Fixed) (Total:390.62 GB) (Free:230.06 GB) NTFS
5 Drive g: () (Fixed) (Total:232.88 GB) (Free:36.2 GB) NTFS
6 Drive h: () (Fixed) (Total:390.62 GB) (Free:19.47 GB) NTFS
7 Drive i: () (Fixed) (Total:300.43 GB) (Free:149.5 GB) NTFS
========================= Users: ========================================
Benutzerkonten fr \\MICROSTAR-PC
Administrator Gast Microstar
Der Befehl wurde erfolgreich ausgefhrt.
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 03
Ran by Microstar (administrator) on MICROSTAR-PC on 18-12-2013 19:19:50
Running from C:\Users\Microstar\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(www.bid-o-matic.org) C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\USBKVM Switcher\USBKVM.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKCU\...\Runonce: [Uninstall C:\Users\Microstar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Microstar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-12] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [F-Secure Hoster (666)] - C:\Program Files (x86)\F-Secure\fshoster32.exe [191424 2013-09-11] (F-Secure Corporation)
Startup: C:\Users\Microstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
BootExecute: autocheck autochk * ŘǓOOD
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.1zu43.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Microstar\AppData\Roaming\Mozilla\Firefox\Profiles\zzv30bo9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{0c2a0341-8d91-48ac-ba7c-a1af5dfa4b17}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
Chrome:
=======
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (F-Secure Online Safety) - C:\Users\Microstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmdgdlkkofaagjehbdlomdlpbjfalkbl\2.93.2101_1
CHR Extension: (Google Wallet) - C:\Users\Microstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR HKLM-x32\...\Chrome\Extension: [cmdgdlkkofaagjehbdlomdlpbjfalkbl] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_chrome_https.crx
==================== Services (Whitelisted) =================
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191424 2013-09-11] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-12] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2013-09-24] (Realtek Semiconductor.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [2897422 2012-06-09] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] ()
R2 WMPNetworkSvc; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2011-07-29] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2013-12-11] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69296 2013-10-16] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-29] ()
R0 fsbts; C:\Windows\SysWow64\Drivers\fsbts.sys [42248 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [81344 2013-06-20] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-18] (GFI Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
S2 lirsgt; C:\Windows\SysWow64\DRIVERS\lirsgt.sys [18048 2013-11-08] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-27] (CACE Technologies)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-05] (CyberLink Corp.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-18 17:34 - 2013-12-18 18:11 - 00000000 ____D C:\Users\Microstar\Desktop\Boxen
2013-12-17 19:17 - 2013-12-17 19:49 - 00027427 _____ C:\Users\Microstar\Desktop\Result.txt
2013-12-17 19:15 - 2013-12-17 19:15 - 00760937 _____ (Farbar) C:\Users\Microstar\Desktop\MiniToolBox.exe
2013-12-12 22:30 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 22:30 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 22:30 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 22:30 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 22:29 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 22:29 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 22:29 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:29 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 22:29 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 22:29 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:29 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 22:29 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 22:29 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 22:29 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 22:29 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 22:29 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 22:29 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:29 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 22:29 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 22:29 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 22:29 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 22:29 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 22:29 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 22:29 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 22:29 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 22:29 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 22:29 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 22:29 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 22:29 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 22:29 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 22:29 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 22:29 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 22:29 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 22:29 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 22:29 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 17:41 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 17:41 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 17:41 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 17:41 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 17:41 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 17:41 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 17:41 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 17:40 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 17:40 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 17:39 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 17:39 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 17:39 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 17:39 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 17:39 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 17:39 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 17:39 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 17:39 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 17:39 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 17:39 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 06:17 - 2013-12-12 06:17 - 00001526 _____ C:\Windows\PFRO.log
2013-12-05 18:43 - 2013-12-05 18:45 - 00000000 ____D C:\Users\Microstar\Desktop\Scans
2013-12-03 17:17 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\3420
2013-11-30 17:29 - 2013-11-30 17:29 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\SumatraPDF
2013-11-30 08:02 - 2013-12-18 17:26 - 00001792 _____ C:\Windows\setupact.log
2013-11-30 08:02 - 2013-11-30 08:02 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 17:31 - 2013-11-29 17:31 - 00000000 ____D C:\Windows\MiniDump
2013-11-27 19:41 - 2013-11-27 19:41 - 00000000 __SHD C:\found.000
2013-11-26 23:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 23:03 - 2013-11-26 23:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 23:03 - 2013-11-26 23:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 23:03 - 2013-11-26 23:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 23:03 - 2013-11-26 23:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 23:03 - 2013-11-26 23:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 23:03 - 2013-11-26 23:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 23:03 - 2013-11-26 23:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 19:13 - 2013-11-26 19:13 - 00000000 ____D C:\FRST
2013-11-24 10:47 - 2013-11-24 10:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-24 10:47 - 2013-11-24 10:47 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-24 10:44 - 2013-11-24 10:44 - 00001073 _____ C:\Users\Microstar\Desktop\Secunia PSI.lnk
2013-11-24 10:40 - 2013-11-24 10:40 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-24 09:37 - 2013-11-24 09:37 - 00000000 ____D C:\Users\Microstar\AppData\Local\Secunia PSI
2013-11-24 09:37 - 2013-11-24 09:37 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-24 09:31 - 2013-11-24 09:35 - 00001015 _____ C:\DelFix.txt
2013-11-22 16:23 - 2013-11-24 09:32 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 15:46 - 2013-11-21 15:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-21 15:45 - 2013-11-21 15:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-18 20:11 - 2013-11-18 20:43 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\Apple Computer
2013-11-18 20:11 - 2013-11-18 20:11 - 00000000 ____D C:\Users\Microstar\AppData\Local\Apple Computer
2013-11-18 20:09 - 2013-11-24 10:45 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:09 - 2013-11-18 20:09 - 00000000 ____D C:\Users\Microstar\AppData\Local\Apple
2013-11-18 20:09 - 2013-11-18 20:09 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-18 20:08 - 2013-11-18 20:08 - 00000000 ____D C:\ProgramData\Apple
==================== One Month Modified Files and Folders =======
2013-12-18 19:16 - 2012-06-06 20:08 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\BOM
2013-12-18 19:15 - 2012-06-07 10:55 - 00000000 ____D C:\Users\Microstar\Documents\Outlook-Dateien
2013-12-18 18:46 - 2013-06-25 18:10 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-18 18:43 - 2012-06-15 12:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-18 18:14 - 2011-03-11 10:20 - 00691622 _____ C:\Windows\system32\perfh007.dat
2013-12-18 18:14 - 2011-03-11 10:20 - 00140550 _____ C:\Windows\system32\perfc007.dat
2013-12-18 18:14 - 2009-07-14 06:13 - 01587956 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 18:11 - 2013-12-18 17:34 - 00000000 ____D C:\Users\Microstar\Desktop\Boxen
2013-12-18 17:54 - 2012-07-20 12:46 - 00013349 _____ C:\Users\Microstar\Desktop\Passwörter.xlsx
2013-12-18 17:46 - 2013-06-25 18:10 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-18 17:38 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 17:38 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-18 17:31 - 2013-06-25 15:58 - 01573391 _____ C:\Windows\WindowsUpdate.log
2013-12-18 17:26 - 2013-11-30 08:02 - 00001792 _____ C:\Windows\setupact.log
2013-12-18 17:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-17 21:22 - 2012-06-07 08:43 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-12-17 19:49 - 2013-12-17 19:17 - 00027427 _____ C:\Users\Microstar\Desktop\Result.txt
2013-12-17 19:15 - 2013-12-17 19:15 - 00760937 _____ (Farbar) C:\Users\Microstar\Desktop\MiniToolBox.exe
2013-12-17 18:19 - 2013-03-28 19:10 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 S-Edition
2013-12-17 17:46 - 2013-03-19 17:29 - 00225280 _____ C:\Users\Microstar\Desktop\Haushaltsbuch.xls
2013-12-15 22:30 - 2013-08-14 20:58 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 22:29 - 2011-03-14 15:08 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 21:21 - 2013-07-29 16:44 - 02003456 ___SH C:\Users\Microstar\Desktop\Thumbs.db
2013-12-14 14:01 - 2012-10-03 14:40 - 00011284 _____ C:\Users\Microstar\Desktop\Stromverbrauch.xlsx
2013-12-13 06:20 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-13 06:18 - 2009-07-14 05:45 - 00467768 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 02:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2013-12-13 02:21 - 2012-06-06 17:10 - 00000000 ____D C:\Users\Microstar
2013-12-13 02:21 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows z Media Player
2013-12-13 02:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-12 22:30 - 2012-06-07 09:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 18:28 - 2012-11-06 16:00 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\EPSON
2013-12-12 06:17 - 2013-12-12 06:17 - 00001526 _____ C:\Windows\PFRO.log
2013-12-11 20:43 - 2012-06-15 12:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 20:43 - 2012-06-15 12:25 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 20:43 - 2011-08-22 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-08 11:30 - 2013-01-05 09:55 - 00000000 ____D C:\Users\Microstar\Desktop\Handbücher
2013-12-07 13:07 - 2013-09-25 16:36 - 00002399 _____ C:\Users\Microstar\Desktop\Cedric Computer.lnk
2013-12-07 10:40 - 2013-09-27 13:01 - 00000000 ____D C:\Users\Microstar\Desktop\FritzBox
2013-12-06 14:59 - 2012-06-07 09:19 - 00000000 ____D C:\Users\Microstar\NSU
2013-12-05 18:46 - 2013-10-04 08:23 - 00000000 ____D C:\Users\Microstar\Desktop\ebay Herbst 2013
2013-12-05 18:45 - 2013-12-05 18:43 - 00000000 ____D C:\Users\Microstar\Desktop\Scans
2013-12-04 18:30 - 2012-07-14 10:04 - 00024064 _____ C:\Users\Microstar\Desktop\Wasser.xls
2013-12-04 17:41 - 2013-06-25 18:10 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 17:41 - 2013-06-25 18:10 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 17:17 - 2013-12-03 17:17 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\3420
2013-12-01 15:31 - 2013-10-13 11:16 - 00000000 ____D C:\Users\Microstar\Desktop\P-Touch
2013-11-30 17:29 - 2013-11-30 17:29 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\SumatraPDF
2013-11-30 08:02 - 2013-11-30 08:02 - 00000000 _____ C:\Windows\setuperr.log
2013-11-29 17:31 - 2013-11-29 17:31 - 00000000 ____D C:\Windows\MiniDump
2013-11-29 15:33 - 2011-03-14 15:03 - 00000000 ____D C:\Windows\Panther
2013-11-29 15:32 - 2013-03-29 09:37 - 00000000 ___RD C:\Users\Microstar\Desktop\Software
2013-11-29 15:32 - 2012-06-09 08:47 - 00000000 ____D C:\Program Files\CCleaner
2013-11-28 19:24 - 2013-06-18 16:14 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-11-28 19:24 - 2012-06-07 16:29 - 00000000 ____D C:\Program Files (x86)\F-Secure
2013-11-28 19:23 - 2012-06-07 07:00 - 00000000 ____D C:\ProgramData\eBay
2013-11-28 19:23 - 2012-06-07 07:00 - 00000000 ____D C:\Program Files (x86)\eBay
2013-11-28 19:10 - 2013-11-09 14:56 - 00005764 _____ C:\InstallHelper.log
2013-11-28 18:32 - 2013-11-09 14:53 - 00549888 ___SH C:\Users\Microstar\Documents\Thumbs.db
2013-11-28 18:32 - 2012-06-16 09:16 - 00000000 ____D C:\Users\Microstar\Documents\My PageManager
2013-11-27 19:41 - 2013-11-27 19:41 - 00000000 __SHD C:\found.000
2013-11-27 17:48 - 2012-06-06 17:10 - 00001425 _____ C:\Users\Microstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 23:03 - 2013-11-26 23:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 23:03 - 2013-11-26 23:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 23:03 - 2013-11-26 23:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 23:03 - 2013-11-26 23:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 23:03 - 2013-11-26 23:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 23:03 - 2013-11-26 23:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 23:03 - 2013-11-26 23:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 23:03 - 2013-11-26 23:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 23:03 - 2013-11-26 23:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 19:13 - 2013-11-26 19:13 - 00000000 ____D C:\FRST
2013-11-26 12:54 - 2013-12-12 22:29 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-12 22:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-12 22:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-12 22:29 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-12 22:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-12 22:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-12 22:29 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-12 22:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-12 22:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-12 22:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-12 22:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-12 22:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-12 22:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-12 22:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-12 22:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-12 22:29 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-12 22:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-12 22:29 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-12 22:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-12 22:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 22:29 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-12 22:29 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-12 22:29 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-12 22:29 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 22:29 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-12 22:29 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-12 22:29 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-12 22:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-12 22:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 22:29 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-12 22:29 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-24 10:47 - 2013-11-24 10:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-24 10:47 - 2013-11-24 10:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-24 10:47 - 2013-11-24 10:47 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-24 10:46 - 2013-06-09 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-24 10:45 - 2013-11-18 20:09 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-24 10:44 - 2013-11-24 10:44 - 00001073 _____ C:\Users\Microstar\Desktop\Secunia PSI.lnk
2013-11-24 10:40 - 2013-11-24 10:40 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-24 10:40 - 2013-11-24 10:40 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-24 09:53 - 2011-03-14 15:08 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-11-24 09:37 - 2013-11-24 09:37 - 00000000 ____D C:\Users\Microstar\AppData\Local\Secunia PSI
2013-11-24 09:37 - 2013-11-24 09:37 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-24 09:35 - 2013-11-24 09:31 - 00001015 _____ C:\DelFix.txt
2013-11-24 09:32 - 2013-11-22 16:23 - 00000000 ____D C:\Windows\ERUNT
2013-11-23 19:26 - 2013-12-12 17:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 19:12 - 2012-11-25 10:33 - 00017408 _____ C:\Users\Microstar\Documents\Avery 3481.zdl
2013-11-23 18:47 - 2013-12-12 17:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-22 18:01 - 2013-10-06 19:10 - 00000000 ____D C:\AdwCleaner
2013-11-21 15:58 - 2013-11-21 15:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-21 15:45 - 2013-11-21 15:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-21 15:29 - 2012-08-29 16:41 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-11-19 08:42 - 2013-08-01 18:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-11-19 08:42 - 2012-09-18 17:56 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\DVDVideoSoft
2013-11-18 20:43 - 2013-11-18 20:11 - 00000000 ____D C:\Users\Microstar\AppData\Roaming\Apple Computer
2013-11-18 20:11 - 2013-11-18 20:11 - 00000000 ____D C:\Users\Microstar\AppData\Local\Apple Computer
2013-11-18 20:09 - 2013-11-18 20:09 - 00000000 ____D C:\Users\Microstar\AppData\Local\Apple
2013-11-18 20:09 - 2013-11-18 20:09 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-18 20:08 - 2013-11-18 20:08 - 00000000 ____D C:\ProgramData\Apple
2013-11-18 18:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-03 18:44
==================== End Of Log ============================
|
|
19.12.2013, 12:14
| #26 |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert Webbrowser Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter R2 tor; C:\Program Files (x86)\Tor\tor.exe [2897422 2012-06-09] ()
C:\Program Files (x86)\Tor
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
rechner manuell rebooten, nochmal testen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.12.2013, 17:50
| #27 |
| | Turbo-Lister blockiert Webbrowser Hallo schrauber, anbei das neue FRST Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-12-2013 05
Ran by Microstar at 2013-12-19 17:48:42 Run:2
Running from C:\Users\Microstar\Desktop\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
R2 tor; C:\Program Files (x86)\Tor\tor.exe [2897422 2012-06-09] ()
C:\Program Files (x86)\Tor
*****************
tor => Service deleted successfully.
C:\Program Files (x86)\Tor => Moved successfully.
The system needs a manual reboot.
==== End of Fixlog ====
Gruß Waldo |
|
20.12.2013, 11:20
| #28 |
| /// the machine /// TB-Ausbilder | Turbo-Lister blockiert Webbrowser Wird von Malware mit eingeschleust. Rechner schon getestet?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Turbo-Lister blockiert Webbrowser |
| acrobat update, ad-aware, adobe, antivirus, bho, blockiert, bonjour, browser, converter, desktop, firefox, flash player, google, helper, hijack, hijackthis, internet, internet explorer, langsam, logfile, monitor, mp3, plug-in, problem, realtek, software, starmoney, windows |
Linear-Darstellung
