Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.12.2013, 10:15   #1
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Hallo und guten Tag,

hab Windows7 Prof. und Free Antivirus (Avira)

Folgende Meldungen (von Free Antivirus-Avira) kamen, nachdem externe Festplatte angeschlossen wurde (zur Datensicherung):

Im Masterbootsektor von Laufwerk 'Masterbootsektor HD7' wurde ein Virus oder
unerwünschtes Programm 'BOO/Sinowal.A' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

und

Im Bootsektor von Laufwerk 'L:' wurde ein Virus oder
unerwünschtes Programm 'BOO/Sinowal.A' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern
____
Daraufhin wurde die externe Festplatte wieder entfernt.

Malwarebytes hab ich herunteruntergeladen (freie Version) : Wurde nichts gefunden.

Hab danach Rechner vom Netz genommen (Internetverbindung gekappt) und nochmal einen Scan mit Avira Free Antivirus durchgeführt. Es wurde kein Fund nicht angezeigt. Wie soll ich jetzt weiter verfahren ?

Kann ich jetzt davon ausgehen, dass der Rechner (wieder) clean ist ? Oder sollte ich noch andere Aktionen durchführen ?
______________________
Danach hab ich wieder , die externe Festplatte angeschlossen und es kam wieder zu oben benannten Meldungen. D.h. doch, dass es mit der externen Festplatte zu tun hat, oder ?
___

Kann ich den Rechner wieder ans Netz nehmen ?

Für Onlinebanking etc. verwende ich jetzt einen anderen separaten Rechner.

Wie geh ich da am besten weiter vor ?
Soll ich die Festplatte separat scannen und wenn ja wie macht man das am besten ?

Vielen Dank im Voraus.
________
Hier die Logfiles von Avira und Malwarebytes .
1.
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 9. Dezember 2013 00:00


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : 123

Versionsinformationen:
BUILD.DAT : 14.0.1.759 55393 Bytes 26.11.2013 12:19:00
AVSCAN.EXE : 14.0.1.645 1030712 Bytes 25.11.2013 17:41:29
AVSCANRC.DLL : 14.0.1.641 62008 Bytes 25.11.2013 17:41:29
LUKE.DLL : 14.0.1.641 65080 Bytes 25.11.2013 17:41:41
AVSCPLR.DLL : 14.0.1.641 124472 Bytes 25.11.2013 17:41:30
AVREG.DLL : 14.0.1.641 250424 Bytes 25.11.2013 17:41:29
avlode.dll : 14.0.1.681 517176 Bytes 25.11.2013 17:41:28
avlode.rdf : 13.0.1.48 27867 Bytes 13.11.2013 19:32:33
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 04:47:43
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 10:18:45
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 06:53:06
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 11:12:04
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 14:23:41
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 15:00:04
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 11:17:47
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 13:08:10
VBASE008.VDF : 7.11.116.39 2048 Bytes 28.11.2013 13:08:10
VBASE009.VDF : 7.11.116.40 2048 Bytes 28.11.2013 13:08:10
VBASE010.VDF : 7.11.116.41 2048 Bytes 28.11.2013 13:08:10
VBASE011.VDF : 7.11.116.42 2048 Bytes 28.11.2013 13:08:10
VBASE012.VDF : 7.11.116.43 2048 Bytes 28.11.2013 13:08:11
VBASE013.VDF : 7.11.116.44 2048 Bytes 28.11.2013 13:08:11
VBASE014.VDF : 7.11.116.195 149504 Bytes 30.11.2013 14:23:48
VBASE015.VDF : 7.11.117.180 271872 Bytes 04.12.2013 17:29:16
VBASE016.VDF : 7.11.118.17 139776 Bytes 06.12.2013 18:38:51
VBASE017.VDF : 7.11.118.18 2048 Bytes 06.12.2013 18:38:51
VBASE018.VDF : 7.11.118.19 2048 Bytes 06.12.2013 18:38:51
VBASE019.VDF : 7.11.118.20 2048 Bytes 06.12.2013 18:38:51
VBASE020.VDF : 7.11.118.21 2048 Bytes 06.12.2013 18:38:51
VBASE021.VDF : 7.11.118.22 2048 Bytes 06.12.2013 18:38:51
VBASE022.VDF : 7.11.118.23 2048 Bytes 06.12.2013 18:38:51
VBASE023.VDF : 7.11.118.24 2048 Bytes 06.12.2013 18:38:51
VBASE024.VDF : 7.11.118.25 2048 Bytes 06.12.2013 18:38:51
VBASE025.VDF : 7.11.118.26 2048 Bytes 06.12.2013 18:38:51
VBASE026.VDF : 7.11.118.27 2048 Bytes 06.12.2013 18:38:51
VBASE027.VDF : 7.11.118.28 2048 Bytes 06.12.2013 18:38:51
VBASE028.VDF : 7.11.118.29 2048 Bytes 06.12.2013 18:38:51
VBASE029.VDF : 7.11.118.30 2048 Bytes 06.12.2013 18:38:51
VBASE030.VDF : 7.11.118.31 2048 Bytes 06.12.2013 18:38:52
VBASE031.VDF : 7.11.118.128 208896 Bytes 08.12.2013 18:14:31
Engineversion : 8.2.12.158
AEVDF.DLL : 8.1.3.4 102774 Bytes 16.06.2013 17:39:21
AESCRIPT.DLL : 8.1.4.172 520574 Bytes 02.12.2013 17:37:54
AESCN.DLL : 8.1.10.4 131446 Bytes 02.04.2013 18:48:52
AESBX.DLL : 8.2.16.26 1245560 Bytes 23.08.2013 15:10:49
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 17:37:53
AEPACK.DLL : 8.3.3.6 762232 Bytes 02.12.2013 17:37:53
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 12.08.2013 18:43:29
AEHEUR.DLL : 8.1.4.790 6328698 Bytes 02.12.2013 17:37:53
AEHELP.DLL : 8.1.27.10 266618 Bytes 22.11.2013 12:35:41
AEGEN.DLL : 8.1.7.20 446839 Bytes 13.11.2013 19:32:33
AEEXP.DLL : 8.4.1.114 381304 Bytes 22.11.2013 12:35:46
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 16:49:04
AECORE.DLL : 8.1.32.2 201081 Bytes 08.11.2013 05:18:01
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 17:49:14
AVWINLL.DLL : 14.0.1.641 23608 Bytes 25.11.2013 17:41:23
AVPREF.DLL : 14.0.1.641 48696 Bytes 25.11.2013 17:41:28
AVREP.DLL : 14.0.1.641 175672 Bytes 25.11.2013 17:41:29
AVARKT.DLL : 14.0.1.641 257080 Bytes 25.11.2013 17:41:25
AVEVTLOG.DLL : 14.0.1.641 165944 Bytes 25.11.2013 17:41:26
SQLITE3.DLL : 3.7.0.1 397704 Bytes 07.06.2013 06:00:44
AVSMTP.DLL : 14.0.1.641 60472 Bytes 25.11.2013 17:41:30
NETNT.DLL : 14.0.1.641 13368 Bytes 25.11.2013 17:41:41
RCIMAGE.DLL : 14.0.1.641 4786744 Bytes 25.11.2013 17:41:23
RCTEXT.DLL : 14.0.1.641 67128 Bytes 25.11.2013 17:41:23

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 9. Dezember 2013 00:00

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '157' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'GregHSRW.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'ccSvcHst.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'HelperService.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConversionService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '212' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'vVX3000.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler64.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqtra08.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqSTE08.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqbam08.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqgpc01.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'OSPPSVC.EXE' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'msiexec.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3240' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <eMachines>
[0] Archivtyp: RSRC
--> \\?\C:\Users\Tapirus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98I6EJV4\CPE_SLP_NETWORKMSI_hpu_000_006[1].exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Tapirus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98I6EJV4\CPE_SLP_NETWORKMSI_hpu_000_006[1].exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
--> \\?\C:\Users\Tapirus\AppData\Local\Temp\HPSUW2TE.YWY\CPE_SLP_NETWORKMSI_hpu_000_006.exe.tmp
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Tapirus\AppData\Local\Temp\HPSUW2TE.YWY\CPE_SLP_NETWORKMSI_hpu_000_006.exe.tmp
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'D:\' <DATA>


Ende des Suchlaufs: Montag, 9. Dezember 2013 02:28
Benötigte Zeit: 2:28:07 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

37244 Verzeichnisse wurden überprüft
1365934 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1365934 Dateien ohne Befall
19382 Archive wurden durchsucht
2 Warnungen
0 Hinweise
934325 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
______

2. Malwarebytes :
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.08.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Tapirus :: GREGORJULIUS-PC [limited]

Protection: Enabled

08.12.2013 18:48:35
mbam-log-2013-12-08 (18-48-35).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 455307
Time elapsed: 2 hour(s), 2 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Alt 09.12.2013, 10:18   #2
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 09.12.2013, 20:18   #3
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Danke erstmal für die schnelle Unterstützung/Hilfe.

Beim Ausführen vom frst64 kommen folgende Meldungen am Anfang - wenn diese mit ja bestätigt wurden, ging es weiter. Sind diese Meldungen wichtig und was bedeutet das -sind hier die Übeltäter drin?

========

Error saving file
C:\FRST\HIVES\System !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\software !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\default !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\security !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\sam !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\User\00000001\ntuser.dat !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\User\00000002\UsrClass.dat !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

Error saving file
C:\FRST\HIVES\BCD !
Continue with next file ?
RegCreateEx: 5 -Zugriff verweigert

===============================

Nach bestätigen mit ja ging es weiter zum scannen. Die Logfiles sind im Anhang.

FRST_Log:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by Tapirus (ATTENTION: The logged in user is not administrator) on 123 on 09-12-2013 19:40:06
Running from C:\Users\Tapirus\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-29] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-30] (Google Inc.)
MountPoints2: {d16f78f0-f3f8-11e1-89b6-002511626342} - L:\EasySuite.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-30] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Tapirus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360810sn06973h54zm5bh8j1430r
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360810sn06973h54zm5bh8j1430r
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tapirus\AppData\Roaming\Mozilla\Firefox\Profiles\4jhr2zia.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.careerbuilder.de/blog/2010/10/28/die-erfolgreichsten-methoden-fur-die-jobsuche/|hxxp://www.initiativbewerbung-masterplan.speedlauncher.de/project/9474/13396/content/26632
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tapirus\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tapirus\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

Chrome: 
=======
CHR HomePage: hxxp://www.initiativbewerbung-masterplan.speedlauncher.de/user
CHR RestoreOnStartup: "hxxp://www.n-tv.de/", "hxxp://www.spieleland.de/de/start/index.html"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Tapirus\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tapirus\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Tapirus\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (YouTube) - C:\Users\Tapirus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Tapirus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Tapirus\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0
CHR Extension: (Google Wallet) - C:\Users\Tapirus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Tapirus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-10-29] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-10-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-10-29] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091005.003\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091005.003\EX64.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 19:40 - 2013-12-09 19:40 - 00019792 _____ C:\Users\Tapirus\Downloads\FRST.txt
2013-12-09 19:39 - 2013-12-09 19:39 - 00000000 ____D C:\FRST
2013-12-09 19:38 - 2013-12-09 19:38 - 01927982 _____ (Farbar) C:\Users\Tapirus\Downloads\FRST64.exe
2013-12-09 19:36 - 2013-12-09 19:36 - 00000128 _____ C:\Windows\wininit.ini
2013-12-09 19:19 - 2013-12-09 19:19 - 00025512 _____ C:\Users\Tapirus\Desktop\Avira_scan_AVSCAN-20131209-072009-3876B877.txt
2013-12-09 06:58 - 2013-12-09 07:00 - 00000000 ____D C:\Users\Tapirus\Desktop\Avira
2013-12-09 06:56 - 2013-12-09 06:56 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner (2)
2013-12-09 06:55 - 2013-12-09 06:55 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner
2013-12-08 19:28 - 2013-12-08 19:29 - 00614784 _____ C:\Users\Tapirus\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-12-08 19:28 - 2013-12-08 19:28 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\LavasoftStatistics
2013-12-08 19:26 - 2013-12-08 19:26 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Lavasoft
2013-12-08 19:24 - 2013-12-08 19:24 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11.exe
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11 (1).exe
2013-12-08 19:16 - 2013-12-08 19:16 - 00000000 ____D C:\Users\Tapirus\Downloads\ProcessExplorer_1540
2013-12-08 19:15 - 2013-12-08 19:15 - 01191834 _____ C:\Users\Tapirus\Downloads\ProcessExplorer_1540.zip
2013-12-08 18:02 - 2013-12-08 18:02 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Malwarebytes
2013-12-08 17:39 - 2013-12-08 17:39 - 00002194 _____ C:\Windows\PFRO.log
2013-12-08 17:17 - 2013-12-08 17:17 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-08 17:17 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-08 17:15 - 2013-12-08 17:15 - 00614784 _____ C:\Users\Tapirus\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-08 14:26 - 2013-12-08 14:28 - 00026960 _____ C:\Users\GregorJulius\Desktop\AVSCAN-20131208-115055-7844EF36.LOG
2013-12-04 03:12 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-04 03:07 - 2013-12-04 03:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-04 03:07 - 2013-12-04 03:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-04 03:02 - 2013-12-04 03:12 - 00011300 _____ C:\Windows\IE11_main.log
2013-12-03 18:24 - 2013-12-03 18:10 - 00062581 _____ C:\Users\Tapirus\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:48 - 2013-12-03 17:50 - 03904488 _____ C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 05171694 _____ C:\Users\Tapirus\Desktop\Aus_Weiterbildung.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 03957169 _____ C:\Users\Tapirus\Desktop\AZ.zip
2013-12-03 17:46 - 2013-12-03 17:50 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie
2013-12-03 17:46 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Desktop\MCPDigitalCertPDF.zip
2013-12-03 17:33 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Downloads\MCPDigitalCertPDF.zip
2013-12-03 17:20 - 2013-12-03 18:10 - 00062581 _____ C:\Users\Public\Documents\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:18 - 00062526 _____ C:\Users\Löwilein\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:13 - 00064679 _____ C:\Users\Löwilein\Downloads\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-02 20:52 - 2013-12-02 20:52 - 09482665 _____ C:\Users\Löwilein\Downloads\Nicht bestätigt 548076.crdownload
2013-12-02 20:11 - 2013-12-02 20:11 - 00021693 _____ C:\Users\Löwilein\Unbenannt 1.odt
2013-12-02 08:23 - 2013-12-02 08:23 - 01994752 _____ C:\Users\Löwilein\Downloads\Advents-kalender.pps
2013-11-24 11:49 - 2013-11-24 11:49 - 00021547 _____ C:\Users\Tapirus\Desktop\Bew_2012_13.ods
2013-11-24 11:31 - 2013-11-24 11:31 - 00428944 _____ C:\Users\Tapirus\Desktop\LRA_FN_11_2013.zip
2013-11-22 19:03 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Public\Documents\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-22 19:01 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-18 18:36 - 2013-11-18 18:36 - 00009527 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-16 11:09 - 2013-11-16 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 07:40 - 2013-11-16 07:40 - 00009527 _____ C:\Users\Tapirus\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-14 13:48 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 13:48 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 13:48 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 13:48 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 13:48 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 13:48 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 13:48 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 13:48 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 13:48 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 13:48 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 13:48 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 13:48 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 13:48 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 13:48 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 13:48 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 13:48 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 13:48 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 13:48 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 13:48 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 13:48 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 13:48 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 13:48 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 13:48 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 13:48 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 13:48 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 13:48 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 13:48 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 13:48 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 13:48 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 13:48 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 06:07 - 2013-12-08 17:39 - 00001456 _____ C:\Windows\setupact.log
2013-11-12 06:07 - 2013-11-12 06:07 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 19:38 - 2013-11-11 19:38 - 32522152 _____ (TuneUp Software) C:\Users\Tapirus\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe

==================== One Month Modified Files and Folders =======

2013-12-09 19:40 - 2013-12-09 19:40 - 00019792 _____ C:\Users\Tapirus\Downloads\FRST.txt
2013-12-09 19:39 - 2013-12-09 19:39 - 00000000 ____D C:\FRST
2013-12-09 19:38 - 2013-12-09 19:38 - 01927982 _____ (Farbar) C:\Users\Tapirus\Downloads\FRST64.exe
2013-12-09 19:38 - 2010-08-26 17:13 - 01605980 _____ C:\Windows\WindowsUpdate.log
2013-12-09 19:38 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:38 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:36 - 2013-12-09 19:36 - 00000128 _____ C:\Windows\wininit.ini
2013-12-09 19:29 - 2011-03-05 20:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 19:25 - 2012-05-22 18:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 19:19 - 2013-12-09 19:19 - 00025512 _____ C:\Users\Tapirus\Desktop\Avira_scan_AVSCAN-20131209-072009-3876B877.txt
2013-12-09 19:03 - 2012-12-04 19:20 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA.job
2013-12-09 18:43 - 2012-11-30 20:00 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA.job
2013-12-09 11:31 - 2012-12-04 19:20 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core.job
2013-12-09 07:41 - 2010-08-27 03:05 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-12-09 07:41 - 2010-08-27 03:05 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-12-09 07:41 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 07:28 - 2011-03-05 19:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-09 07:00 - 2013-12-09 06:58 - 00000000 ____D C:\Users\Tapirus\Desktop\Avira
2013-12-09 06:56 - 2013-12-09 06:56 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner (2)
2013-12-09 06:55 - 2013-12-09 06:55 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner
2013-12-09 03:43 - 2012-11-30 20:00 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core.job
2013-12-08 19:29 - 2013-12-08 19:28 - 00614784 _____ C:\Users\Tapirus\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-12-08 19:28 - 2013-12-08 19:28 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\LavasoftStatistics
2013-12-08 19:26 - 2013-12-08 19:26 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Lavasoft
2013-12-08 19:24 - 2013-12-08 19:24 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11.exe
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11 (1).exe
2013-12-08 19:16 - 2013-12-08 19:16 - 00000000 ____D C:\Users\Tapirus\Downloads\ProcessExplorer_1540
2013-12-08 19:15 - 2013-12-08 19:15 - 01191834 _____ C:\Users\Tapirus\Downloads\ProcessExplorer_1540.zip
2013-12-08 18:02 - 2013-12-08 18:02 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Malwarebytes
2013-12-08 17:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-08 17:39 - 2013-12-08 17:39 - 00002194 _____ C:\Windows\PFRO.log
2013-12-08 17:39 - 2013-11-12 06:07 - 00001456 _____ C:\Windows\setupact.log
2013-12-08 17:39 - 2010-08-26 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-08 17:37 - 2013-09-04 18:46 - 00000000 ____D C:\ProgramData\Visual CertExam Suite
2013-12-08 17:17 - 2013-12-08 17:17 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-08 17:15 - 2013-12-08 17:15 - 00614784 _____ C:\Users\Tapirus\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-08 17:15 - 2011-03-05 20:04 - 00103440 _____ C:\Users\GregorJulius\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-08 14:28 - 2013-12-08 14:26 - 00026960 _____ C:\Users\GregorJulius\Desktop\AVSCAN-20131208-115055-7844EF36.LOG
2013-12-06 16:51 - 2012-05-22 19:15 - 00002341 _____ C:\Users\Tapirus\Desktop\Google Chrome.lnk
2013-12-05 08:33 - 2012-05-22 19:10 - 00002346 _____ C:\Users\Löwilein\Desktop\Google Chrome.lnk
2013-12-05 08:27 - 2011-03-20 09:48 - 00001434 _____ C:\Users\Löwilein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-04 07:27 - 2011-03-20 10:24 - 00001434 _____ C:\Users\Tapirus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-04 03:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-04 03:12 - 2013-12-04 03:02 - 00011300 _____ C:\Windows\IE11_main.log
2013-12-04 03:07 - 2013-12-04 03:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-04 03:07 - 2013-12-04 03:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-03 18:10 - 2013-12-03 18:24 - 00062581 _____ C:\Users\Tapirus\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 18:10 - 2013-12-03 17:20 - 00062581 _____ C:\Users\Public\Documents\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:50 - 2013-12-03 17:48 - 03904488 _____ C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie.zip
2013-12-03 17:50 - 2013-12-03 17:46 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie
2013-12-03 17:47 - 2013-12-03 17:47 - 05171694 _____ C:\Users\Tapirus\Desktop\Aus_Weiterbildung.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 03957169 _____ C:\Users\Tapirus\Desktop\AZ.zip
2013-12-03 17:44 - 2013-07-22 08:24 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013
2013-12-03 17:33 - 2013-12-03 17:46 - 00465191 _____ C:\Users\Tapirus\Desktop\MCPDigitalCertPDF.zip
2013-12-03 17:33 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Downloads\MCPDigitalCertPDF.zip
2013-12-03 17:18 - 2013-12-03 17:13 - 00062526 _____ C:\Users\Löwilein\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:13 - 00064679 _____ C:\Users\Löwilein\Downloads\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 16:36 - 2012-05-22 19:10 - 00000000 ____D C:\Users\Löwilein\AppData\Local\Google
2013-12-03 13:02 - 2013-06-07 07:13 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 20:52 - 2013-12-02 20:52 - 09482665 _____ C:\Users\Löwilein\Downloads\Nicht bestätigt 548076.crdownload
2013-12-02 20:11 - 2013-12-02 20:11 - 00021693 _____ C:\Users\Löwilein\Unbenannt 1.odt
2013-12-02 20:11 - 2011-03-20 09:48 - 00000000 ____D C:\Users\Löwilein
2013-12-02 08:23 - 2013-12-02 08:23 - 01994752 _____ C:\Users\Löwilein\Downloads\Advents-kalender.pps
2013-11-30 10:56 - 2012-07-15 10:15 - 00000000 ____D C:\Users\Löwilein\Documents\PrintScreen Files
2013-11-28 07:20 - 2013-07-07 17:42 - 00000000 ____D C:\Users\Tapirus\Desktop\Bewerbung_Renate
2013-11-25 19:15 - 2012-10-28 11:06 - 00000000 ____D C:\Users\Tapirus\Desktop\Videos_Bilder
2013-11-25 18:41 - 2013-06-07 07:15 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 18:41 - 2013-06-07 07:13 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 18:41 - 2013-06-07 07:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 11:49 - 2013-11-24 11:49 - 00021547 _____ C:\Users\Tapirus\Desktop\Bew_2012_13.ods
2013-11-24 11:49 - 2013-10-05 08:46 - 00000000 ____D C:\Users\Tapirus\Desktop\Okt_2013
2013-11-24 11:31 - 2013-11-24 11:31 - 00428944 _____ C:\Users\Tapirus\Desktop\LRA_FN_11_2013.zip
2013-11-24 10:44 - 2013-10-20 09:28 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-23 17:31 - 2012-05-23 18:21 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Skype
2013-11-23 17:14 - 2012-05-25 18:26 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\TeamViewer
2013-11-22 19:01 - 2013-11-22 19:03 - 00009859 _____ C:\Users\Public\Documents\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-22 19:01 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-20 13:53 - 2013-04-19 14:41 - 00005632 _____ C:\Users\Tapirus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-20 09:18 - 2013-04-11 08:15 - 00000000 ____D C:\Users\Tapirus\.tfo4
2013-11-18 18:36 - 2013-11-18 18:36 - 00009527 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-17 08:29 - 2012-05-22 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 11:09 - 2013-11-16 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 07:40 - 2013-11-16 07:40 - 00009527 _____ C:\Users\Tapirus\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-14 21:30 - 2009-10-29 07:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 06:07 - 2013-11-12 06:07 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 19:38 - 2013-11-11 19:38 - 32522152 _____ (TuneUp Software) C:\Users\Tapirus\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe

Some content of TEMP:
====================
C:\Users\GregorJulius\AppData\Local\Temp\5187b4e4-6aa7-4c00-917e-30bff40766a8.exe
C:\Users\GregorJulius\AppData\Local\Temp\AskSLib.dll
C:\Users\GregorJulius\AppData\Local\Temp\ose00000.exe
C:\Users\Löwilein\AppData\Local\Temp\AskSLib.dll
C:\Users\Löwilein\AppData\Local\Temp\avgnt.exe
C:\Users\Löwilein\AppData\Local\Temp\FileSystemView.dll
C:\Users\Löwilein\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tapirus\AppData\Local\Temp\avgnt.exe
C:\Users\Tapirus\AppData\Local\Temp\FileSystemView.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition_Log:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013
Ran by Tapirus at 2013-12-09 19:41:19
Running from C:\Users\Tapirus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.1)
6500_E709_eDocs (x32 Version: 1.00.0000)
6500_E709_Help (x32 Version: 1.00.0000)
6500_E709n (x32 Version: 50.0.165.000)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Advertising Center (x32 Version: 0.0.0.2)
Alice Greenfingers (x32)
Amazonia (x32)
Ask Toolbar (x32 Version: 1.15.26.0)
Avira Free Antivirus (x32 Version: 14.0.1.759)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.2.6.45268)
bpd_scan (x32 Version: 3.00.0000)
BPDSoftware (x32 Version: 50.0.165.000)
BPDSoftware_Ini (x32 Version: 1.00.0000)
BufferChm (x32 Version: 130.0.331.000)
CCleaner (Version: 4.01)
Chicken Invaders 2 (x32)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Dairy Dash (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DocMgr (x32 Version: 130.0.000.000)
DocProc (x32 Version: 13.0.0.0)
Dream Day First Home (x32)
eBay Worldwide (x32 Version: 2.1.0901)
eMachines GameZone Console (x32 Version: 5.1.1.3)
eMachines Recovery Management (x32 Version: 4.05.3005)
eMachines Registration (x32 Version: 1.02.3006)
eMachines ScreenSaver (x32 Version: 1.1.0812)
eMachines Updater (x32 Version: 1.01.3017)
Farm Frenzy 2 (x32)
Fax (x32 Version: 130.0.418.000)
First Class Flurry (x32)
Free Audio CD Burner version 1.4.7 (x32)
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925)
Gadwin PrintScreen (x32 Version: 4.6)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.22.3)
GPBaseService2 (x32 Version: 130.0.371.000)
Granny In Paradise (x32)
Heroes of Hellas (x32)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 6500 E709 Series (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 4.000.011.006)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
Identity Card (x32 Version: 1.00.3002)
ImagXpress (x32 Version: 7.0.74.0)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JavaFX 2.1.0 (x32 Version: 2.1.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 3.8.130.10)
Merriam Websters Spell Jam (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 Essentials (x32)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.7.201)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.7.201)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.4.9.100)
Nero InfoTool (x32 Version: 6.4.7.201)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.11.209)
Nero StartSmart Help (x32 Version: 9.4.11.208)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.10.505)
neroxml (x32 Version: 1.0.0)
Network64 (Version: 130.0.579.000)
Norton Internet Security (x32 Version: 16.7.0.30)
Norton Online Backup (x32 Version: 1.2.0.36)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
ProductContext (x32 Version: 50.0.165.000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5898)
Scan (x32 Version: 13.0.0.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Shop for HP Supplies (Version: 13.0)
Skype™ 6.3 (x32 Version: 6.3.107)
SmartWebPrinting (x32 Version: 130.0.457.000)
Softonic toolbar  on IE and Chrome (x32 Version: 1.8.21.14)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.20202)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
WebReg (x32 Version: 130.0.132.017)
Welcome Center (x32 Version: 1.00.3008)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
YouTube Song Downloader (x32 Version: 8.2)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core.job => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA.job => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-16 11:09 - 2013-11-16 11:09 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 20:29 - 2013-10-09 20:29 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:444C53BA
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E3C56885

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor"

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: NAVEX15
Description: NAVEX15
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NAVEX15
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2013 08:55:02 PM) (Source: Application Hang) (User: )
Description: Programm soffice.bin, Version 3.4.9590.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1678

Startzeit: 01cee2b5ec1554f0

Endzeit: 192

Anwendungspfad: C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

Berichts-ID: dfc71121-4ef8-11e3-99ed-002511626342

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 11:58:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/08/2013 06:18:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NobuActivation.exe, Version: 1.2.0.36, Zeitstempel: 0x4a6a44da
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00035d29
ID des fehlerhaften Prozesses: 0xf44
Startzeit der fehlerhaften Anwendung: 0xNobuActivation.exe0
Pfad der fehlerhaften Anwendung: NobuActivation.exe1
Pfad des fehlerhaften Moduls: NobuActivation.exe2
Berichtskennung: NobuActivation.exe3

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller) (User: GregorJulius-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller) (User: GregorJulius-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011005}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/22/2013 04:44:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0xd54
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3


System errors:
=============
Error: (12/09/2013 06:36:27 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden.

Error: (12/08/2013 05:43:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/08/2013 05:43:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/08/2013 05:41:18 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SRTSP

Error: (12/08/2013 05:39:49 PM) (Source: SRTSP) (User: )
Description: Error loading Symantec real time Anti-Virus driver.

Error: (12/08/2013 05:39:49 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (12/07/2013 07:10:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/07/2013 07:10:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/07/2013 07:08:42 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SRTSP

Error: (12/07/2013 07:07:55 AM) (Source: SRTSP) (User: )
Description: Error loading Symantec real time Anti-Virus driver.


Microsoft Office Sessions:
=========================
Error: (11/16/2013 08:55:02 PM) (Source: Application Hang)(User: )
Description: soffice.bin3.4.9590.500167801cee2b5ec1554f0192C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bindfc71121-4ef8-11e3-99ed-002511626342

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe

Error: (11/10/2013 11:58:23 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (11/08/2013 06:18:58 AM) (Source: Application Error)(User: )
Description: NobuActivation.exe1.2.0.364a6a44daole32.dll6.1.7601.175144ce7b96fc000000500035d29f4401cedc41f9cf3b80C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exeC:\Windows\syswow64\ole32.dll44c09080-4835-11e3-ae38-002511626342

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller)(User: GregorJulius-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL)

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller)(User: GregorJulius-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011005}1625(NULL)(NULL)(NULL)

Error: (10/22/2013 04:44:40 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487d5401cecf3d978efc00C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exedc692c60-3b30-11e3-a742-002511626342


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3071.23 MB
Available physical RAM: 1513.73 MB
Total Pagefile: 6140.65 MB
Available Pagefile: 3622.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:479.1 GB) (Free:254.09 GB) NTFS
Drive d: (DATA) (Fixed) (Total:433.76 GB) (Free:328.04 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
__________________

Alt 10.12.2013, 10:43   #4
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Das kommt davon weil das Tool ohne Adminrechte lief . Bitte nochmal. Und diesmal, um es mit den Worten von Tim Taylor dem Heimwerker-King zu sagen:

mit mehr Power
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.12.2013, 10:52   #5
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Danke für den Hinweis. Werde das dann heute Nachmittag/Abend nochmal mit Adminrechten durchführen.

Bis dann.

Schöne Grüße


Alt 10.12.2013, 13:59   #6
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



ok
__________________
--> beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]

Alt 10.12.2013, 18:26   #7
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Also, jetzt als fsrt Administrator ausgeführt (am Rechner allerdings als 'normaler' User angemeldet) und hier das Ergebnis:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by GregorJulius (administrator) on 123-PC on 10-12-2013 17:12:50
Running from C:\Users\Tapirus\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Acer) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762224 2009-06-30] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-29] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [Gadwin PrintScreen] - C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
MountPoints2: {d16f78f0-f3f8-11e1-89b6-002511626342} - L:\EasySuite.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-30] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-22] ()
HKU\Löwilein\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-29] (Google Inc.)
HKU\Löwilein\...\Run: [Google Update] - C:\Users\Löwilein\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-04] (Google Inc.)
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-22] ()
Startup: C:\Users\Tapirus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=88e55ecc000000000000002511626342
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=et1831&r=17360810sn06973h54zm5bh8j1430r
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKCU - DefaultScope {44628115-BBA4-4FF4-AF4A-240FD269F93D} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=88e55ecc000000000000002511626342&r=726
SearchScopes: HKCU - {44628115-BBA4-4FF4-AF4A-240FD269F93D} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=88e55ecc000000000000002511626342&r=726
SearchScopes: HKCU - {5138F714-A733-4FF2-B0ED-887E761EBD9A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=A0FDEAE9-292B-4372-8162-78322DAB8E5D&apn_sauid=A59A8201-6471-410D-9A26-F3F22B5B207F
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default
FF user.js: detected! => C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default\user.js
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default\Extensions\toolbar@ask.com
FF Extension: DVDVideoSoft Menu - C:\Users\GregorJulius\AppData\Roaming\Mozilla\Firefox\Profiles\4p3zr96o.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\GregorJulius\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-10-29] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-10-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-10-29] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091005.003\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091005.003\EX64.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 19:45 - 2013-12-09 19:55 - 00000000 ____D C:\Users\Tapirus\Desktop\sanowar_files
2013-12-09 19:43 - 2013-12-09 19:43 - 00063029 _____ C:\Users\Tapirus\Desktop\FRST.txt
2013-12-09 19:41 - 2013-12-09 19:45 - 00027612 _____ C:\Users\Tapirus\Downloads\Addition.txt
2013-12-09 19:40 - 2013-12-10 17:12 - 00019856 _____ C:\Users\Tapirus\Downloads\FRST.txt
2013-12-09 19:39 - 2013-12-09 19:39 - 00000000 ____D C:\FRST
2013-12-09 19:38 - 2013-12-09 19:38 - 01927982 _____ (Farbar) C:\Users\Tapirus\Downloads\FRST64.exe
2013-12-09 19:36 - 2013-12-09 19:36 - 00000128 _____ C:\Windows\wininit.ini
2013-12-09 19:19 - 2013-12-09 19:19 - 00025512 _____ C:\Users\Tapirus\Desktop\Avira_scan_AVSCAN-20131209-072009-3876B877.txt
2013-12-09 06:58 - 2013-12-09 07:00 - 00000000 ____D C:\Users\Tapirus\Desktop\Avira
2013-12-09 06:56 - 2013-12-09 06:56 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner (2)
2013-12-09 06:55 - 2013-12-09 06:55 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner
2013-12-08 19:28 - 2013-12-08 19:29 - 00614784 _____ C:\Users\Tapirus\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-12-08 19:28 - 2013-12-08 19:28 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\LavasoftStatistics
2013-12-08 19:26 - 2013-12-08 19:26 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Lavasoft
2013-12-08 19:24 - 2013-12-08 19:24 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11.exe
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11 (1).exe
2013-12-08 19:16 - 2013-12-08 19:16 - 00000000 ____D C:\Users\Tapirus\Downloads\ProcessExplorer_1540
2013-12-08 19:15 - 2013-12-08 19:15 - 01191834 _____ C:\Users\Tapirus\Downloads\ProcessExplorer_1540.zip
2013-12-08 18:02 - 2013-12-08 18:02 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Malwarebytes
2013-12-08 17:39 - 2013-12-08 17:39 - 00002194 _____ C:\Windows\PFRO.log
2013-12-08 17:17 - 2013-12-08 17:17 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-08 17:17 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-08 17:15 - 2013-12-08 17:15 - 00614784 _____ C:\Users\Tapirus\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-08 14:26 - 2013-12-08 14:28 - 00026960 _____ C:\Users\GregorJulius\Desktop\AVSCAN-20131208-115055-7844EF36.LOG
2013-12-04 03:12 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-04 03:07 - 2013-12-04 03:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-04 03:07 - 2013-12-04 03:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-04 03:02 - 2013-12-04 03:12 - 00011300 _____ C:\Windows\IE11_main.log
2013-12-03 18:24 - 2013-12-03 18:10 - 00062581 _____ C:\Users\Tapirus\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:48 - 2013-12-03 17:50 - 03904488 _____ C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 05171694 _____ C:\Users\Tapirus\Desktop\Aus_Weiterbildung.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 03957169 _____ C:\Users\Tapirus\Desktop\AZ.zip
2013-12-03 17:46 - 2013-12-03 17:50 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie
2013-12-03 17:46 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Desktop\MCPDigitalCertPDF.zip
2013-12-03 17:33 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Downloads\MCPDigitalCertPDF.zip
2013-12-03 17:20 - 2013-12-03 18:10 - 00062581 _____ C:\Users\Public\Documents\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:18 - 00062526 _____ C:\Users\Löwilein\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:13 - 00064679 _____ C:\Users\Löwilein\Downloads\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-02 20:52 - 2013-12-02 20:52 - 09482665 _____ C:\Users\Löwilein\Downloads\Nicht bestätigt 548076.crdownload
2013-12-02 20:11 - 2013-12-02 20:11 - 00021693 _____ C:\Users\Löwilein\Unbenannt 1.odt
2013-12-02 08:23 - 2013-12-02 08:23 - 01994752 _____ C:\Users\Löwilein\Downloads\Advents-kalender.pps
2013-11-24 11:49 - 2013-11-24 11:49 - 00021547 _____ C:\Users\Tapirus\Desktop\Bew_2012_13.ods
2013-11-24 11:31 - 2013-11-24 11:31 - 00428944 _____ C:\Users\Tapirus\Desktop\LRA_FN_11_2013.zip
2013-11-22 19:03 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Public\Documents\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-22 19:01 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-18 18:36 - 2013-11-18 18:36 - 00009527 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-16 11:09 - 2013-11-16 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 07:40 - 2013-11-16 07:40 - 00009527 _____ C:\Users\Tapirus\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-14 13:48 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 13:48 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 13:48 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 13:48 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 13:48 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 13:48 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 13:48 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 13:48 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 13:48 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 13:48 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 13:48 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 13:48 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 13:48 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 13:48 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 13:48 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 13:48 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 13:48 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 13:48 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 13:48 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 13:48 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 13:48 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 13:48 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 13:48 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 13:48 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 13:48 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 13:48 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 13:48 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 13:48 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 13:48 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 13:48 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 06:07 - 2013-12-10 17:05 - 00001512 _____ C:\Windows\setupact.log
2013-11-12 06:07 - 2013-11-12 06:07 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 19:38 - 2013-11-11 19:38 - 32522152 _____ (TuneUp Software) C:\Users\Tapirus\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe

==================== One Month Modified Files and Folders =======

2013-12-10 17:12 - 2013-12-09 19:40 - 00019856 _____ C:\Users\Tapirus\Downloads\FRST.txt
2013-12-10 17:11 - 2010-08-26 17:13 - 01613031 _____ C:\Windows\WindowsUpdate.log
2013-12-10 17:06 - 2011-03-05 19:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-10 17:05 - 2013-11-12 06:07 - 00001512 _____ C:\Windows\setupact.log
2013-12-10 17:05 - 2010-08-26 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-10 17:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-09 20:28 - 2011-03-05 20:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 20:25 - 2012-05-22 18:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-09 20:03 - 2012-12-04 19:20 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA.job
2013-12-09 19:55 - 2013-12-09 19:45 - 00000000 ____D C:\Users\Tapirus\Desktop\sanowar_files
2013-12-09 19:45 - 2013-12-09 19:41 - 00027612 _____ C:\Users\Tapirus\Downloads\Addition.txt
2013-12-09 19:44 - 2012-11-30 20:00 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA.job
2013-12-09 19:43 - 2013-12-09 19:43 - 00063029 _____ C:\Users\Tapirus\Desktop\FRST.txt
2013-12-09 19:39 - 2013-12-09 19:39 - 00000000 ____D C:\FRST
2013-12-09 19:38 - 2013-12-09 19:38 - 01927982 _____ (Farbar) C:\Users\Tapirus\Downloads\FRST64.exe
2013-12-09 19:38 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:38 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-09 19:36 - 2013-12-09 19:36 - 00000128 _____ C:\Windows\wininit.ini
2013-12-09 19:19 - 2013-12-09 19:19 - 00025512 _____ C:\Users\Tapirus\Desktop\Avira_scan_AVSCAN-20131209-072009-3876B877.txt
2013-12-09 11:31 - 2012-12-04 19:20 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core.job
2013-12-09 07:41 - 2010-08-27 03:05 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-12-09 07:41 - 2010-08-27 03:05 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-12-09 07:41 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 07:00 - 2013-12-09 06:58 - 00000000 ____D C:\Users\Tapirus\Desktop\Avira
2013-12-09 06:56 - 2013-12-09 06:56 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner (2)
2013-12-09 06:55 - 2013-12-09 06:55 - 00000000 ____D C:\Users\Tapirus\Desktop\Neuer Ordner
2013-12-09 03:43 - 2012-11-30 20:00 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core.job
2013-12-08 19:29 - 2013-12-08 19:28 - 00614784 _____ C:\Users\Tapirus\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2013-12-08 19:28 - 2013-12-08 19:28 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\LavasoftStatistics
2013-12-08 19:26 - 2013-12-08 19:26 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Lavasoft
2013-12-08 19:24 - 2013-12-08 19:24 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11.exe
2013-12-08 19:22 - 2013-12-08 19:22 - 01724552 _____ C:\Users\Tapirus\Downloads\Adaware_Installer_11 (1).exe
2013-12-08 19:16 - 2013-12-08 19:16 - 00000000 ____D C:\Users\Tapirus\Downloads\ProcessExplorer_1540
2013-12-08 19:15 - 2013-12-08 19:15 - 01191834 _____ C:\Users\Tapirus\Downloads\ProcessExplorer_1540.zip
2013-12-08 18:02 - 2013-12-08 18:02 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Malwarebytes
2013-12-08 17:39 - 2013-12-08 17:39 - 00002194 _____ C:\Windows\PFRO.log
2013-12-08 17:37 - 2013-09-04 18:46 - 00000000 ____D C:\ProgramData\Visual CertExam Suite
2013-12-08 17:17 - 2013-12-08 17:17 - 00001122 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Users\GregorJulius\AppData\Roaming\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-08 17:17 - 2013-12-08 17:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-08 17:15 - 2013-12-08 17:15 - 00614784 _____ C:\Users\Tapirus\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-08 17:15 - 2011-03-05 20:04 - 00103440 _____ C:\Users\GregorJulius\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-08 14:28 - 2013-12-08 14:26 - 00026960 _____ C:\Users\GregorJulius\Desktop\AVSCAN-20131208-115055-7844EF36.LOG
2013-12-08 03:38 - 2012-11-30 20:00 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA
2013-12-08 03:38 - 2012-11-30 20:00 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core
2013-12-06 16:51 - 2012-05-22 19:15 - 00002341 _____ C:\Users\Tapirus\Desktop\Google Chrome.lnk
2013-12-06 09:58 - 2012-12-04 19:20 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA
2013-12-06 09:58 - 2012-12-04 19:20 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core
2013-12-05 08:33 - 2012-05-22 19:10 - 00002346 _____ C:\Users\Löwilein\Desktop\Google Chrome.lnk
2013-12-05 08:27 - 2011-03-20 09:48 - 00001434 _____ C:\Users\Löwilein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-04 07:27 - 2011-03-20 10:24 - 00001434 _____ C:\Users\Tapirus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-04 03:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-04 03:12 - 2013-12-04 03:02 - 00011300 _____ C:\Windows\IE11_main.log
2013-12-04 03:07 - 2013-12-04 03:07 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-04 03:07 - 2013-12-04 03:07 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-04 03:06 - 2013-12-04 03:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-04 03:06 - 2013-12-04 03:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-04 03:06 - 2013-12-04 03:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-04 03:06 - 2013-12-04 03:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-04 03:06 - 2013-12-04 03:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-04 03:06 - 2013-12-04 03:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-04 03:06 - 2013-12-04 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-03 18:10 - 2013-12-03 18:24 - 00062581 _____ C:\Users\Tapirus\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 18:10 - 2013-12-03 17:20 - 00062581 _____ C:\Users\Public\Documents\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:50 - 2013-12-03 17:48 - 03904488 _____ C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie.zip
2013-12-03 17:50 - 2013-12-03 17:46 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013 - Kopie
2013-12-03 17:47 - 2013-12-03 17:47 - 05171694 _____ C:\Users\Tapirus\Desktop\Aus_Weiterbildung.zip
2013-12-03 17:47 - 2013-12-03 17:47 - 03957169 _____ C:\Users\Tapirus\Desktop\AZ.zip
2013-12-03 17:44 - 2013-07-22 08:24 - 00000000 ____D C:\Users\Tapirus\Desktop\AZ_Aus_Weiterb_Juli2013
2013-12-03 17:33 - 2013-12-03 17:46 - 00465191 _____ C:\Users\Tapirus\Desktop\MCPDigitalCertPDF.zip
2013-12-03 17:33 - 2013-12-03 17:33 - 00465191 _____ C:\Users\Tapirus\Downloads\MCPDigitalCertPDF.zip
2013-12-03 17:18 - 2013-12-03 17:13 - 00062526 _____ C:\Users\Löwilein\Desktop\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 17:13 - 2013-12-03 17:13 - 00064679 _____ C:\Users\Löwilein\Downloads\Anschreiben_Elisabth_Bad_Waldsee.odt
2013-12-03 16:36 - 2012-05-22 19:10 - 00000000 ____D C:\Users\Löwilein\AppData\Local\Google
2013-12-03 13:02 - 2013-06-07 07:13 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 20:52 - 2013-12-02 20:52 - 09482665 _____ C:\Users\Löwilein\Downloads\Nicht bestätigt 548076.crdownload
2013-12-02 20:11 - 2013-12-02 20:11 - 00021693 _____ C:\Users\Löwilein\Unbenannt 1.odt
2013-12-02 20:11 - 2011-03-20 09:48 - 00000000 ____D C:\Users\Löwilein
2013-12-02 08:23 - 2013-12-02 08:23 - 01994752 _____ C:\Users\Löwilein\Downloads\Advents-kalender.pps
2013-12-02 07:23 - 2011-03-05 20:00 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-02 07:23 - 2011-03-05 19:59 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-30 10:56 - 2012-07-15 10:15 - 00000000 ____D C:\Users\Löwilein\Documents\PrintScreen Files
2013-11-28 07:20 - 2013-07-07 17:42 - 00000000 ____D C:\Users\Tapirus\Desktop\Bewerbung_Renate
2013-11-25 19:15 - 2012-10-28 11:06 - 00000000 ____D C:\Users\Tapirus\Desktop\Videos_Bilder
2013-11-25 18:41 - 2013-06-07 07:15 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 18:41 - 2013-06-07 07:13 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 18:41 - 2013-06-07 07:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-24 11:49 - 2013-11-24 11:49 - 00021547 _____ C:\Users\Tapirus\Desktop\Bew_2012_13.ods
2013-11-24 11:49 - 2013-10-05 08:46 - 00000000 ____D C:\Users\Tapirus\Desktop\Okt_2013
2013-11-24 11:31 - 2013-11-24 11:31 - 00428944 _____ C:\Users\Tapirus\Desktop\LRA_FN_11_2013.zip
2013-11-24 10:44 - 2013-10-20 09:28 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-23 17:31 - 2012-05-23 18:21 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\Skype
2013-11-23 17:14 - 2012-05-25 18:26 - 00000000 ____D C:\Users\Tapirus\AppData\Roaming\TeamViewer
2013-11-22 19:01 - 2013-11-22 19:03 - 00009859 _____ C:\Users\Public\Documents\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-22 19:01 - 2013-11-22 19:01 - 00009859 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1(1).xlsx
2013-11-20 13:53 - 2013-04-19 14:41 - 00005632 _____ C:\Users\Tapirus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-20 09:18 - 2013-04-11 08:15 - 00000000 ____D C:\Users\Tapirus\.tfo4
2013-11-18 18:36 - 2013-11-18 18:36 - 00009527 _____ C:\Users\Löwilein\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-17 08:29 - 2012-05-22 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 11:09 - 2013-11-16 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 07:40 - 2013-11-16 07:40 - 00009527 _____ C:\Users\Tapirus\Downloads\Kopie von ErgebnisseAbisH-1.xlsx
2013-11-14 21:30 - 2009-10-29 07:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-12 06:07 - 2013-11-12 06:07 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 19:38 - 2013-11-11 19:38 - 32522152 _____ (TuneUp Software) C:\Users\Tapirus\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe

Some content of TEMP:
====================
C:\Users\GregorJulius\AppData\Local\Temp\5187b4e4-6aa7-4c00-917e-30bff40766a8.exe
C:\Users\GregorJulius\AppData\Local\Temp\AskSLib.dll
C:\Users\GregorJulius\AppData\Local\Temp\ose00000.exe
C:\Users\Löwilein\AppData\Local\Temp\AskSLib.dll
C:\Users\Löwilein\AppData\Local\Temp\avgnt.exe
C:\Users\Löwilein\AppData\Local\Temp\FileSystemView.dll
C:\Users\Löwilein\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tapirus\AppData\Local\Temp\avgnt.exe
C:\Users\Tapirus\AppData\Local\Temp\FileSystemView.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 11:56

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Additonal.txt :

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013
Ran by GregorJulius at 2013-12-10 17:13:37
Running from C:\Users\Tapirus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.1)
6500_E709_eDocs (x32 Version: 1.00.0000)
6500_E709_Help (x32 Version: 1.00.0000)
6500_E709n (x32 Version: 50.0.165.000)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Advertising Center (x32 Version: 0.0.0.2)
Alice Greenfingers (x32)
Amazonia (x32)
Ask Toolbar (x32 Version: 1.15.26.0)
Avira Free Antivirus (x32 Version: 14.0.1.759)
bpd_scan (x32 Version: 3.00.0000)
BPDSoftware (x32 Version: 50.0.165.000)
BPDSoftware_Ini (x32 Version: 1.00.0000)
BufferChm (x32 Version: 130.0.331.000)
CCleaner (Version: 4.01)
Chicken Invaders 2 (x32)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Dairy Dash (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DocMgr (x32 Version: 130.0.000.000)
DocProc (x32 Version: 13.0.0.0)
Dream Day First Home (x32)
eBay Worldwide (x32 Version: 2.1.0901)
eMachines GameZone Console (x32 Version: 5.1.1.3)
eMachines Recovery Management (x32 Version: 4.05.3005)
eMachines Registration (x32 Version: 1.02.3006)
eMachines ScreenSaver (x32 Version: 1.1.0812)
eMachines Updater (x32 Version: 1.01.3017)
Farm Frenzy 2 (x32)
Fax (x32 Version: 130.0.418.000)
First Class Flurry (x32)
Free Audio CD Burner version 1.4.7 (x32)
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925)
Gadwin PrintScreen (x32 Version: 4.6)
Google Earth (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.22.3)
GPBaseService2 (x32 Version: 130.0.371.000)
Granny In Paradise (x32)
Heroes of Hellas (x32)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 6500 E709 Series (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 4.000.011.006)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
Identity Card (x32 Version: 1.00.3002)
ImagXpress (x32 Version: 7.0.74.0)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JavaFX 2.1.0 (x32 Version: 2.1.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 3.8.130.10)
Merriam Websters Spell Jam (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 Essentials (x32)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.7.201)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.7.201)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.4.9.100)
Nero InfoTool (x32 Version: 6.4.7.201)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.11.209)
Nero StartSmart Help (x32 Version: 9.4.11.208)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.10.505)
neroxml (x32 Version: 1.0.0)
Network64 (Version: 130.0.579.000)
Norton Internet Security (x32 Version: 16.7.0.30)
Norton Online Backup (x32 Version: 1.2.0.36)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
ProductContext (x32 Version: 50.0.165.000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5898)
Scan (x32 Version: 13.0.0.0)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Shop for HP Supplies (Version: 13.0)
Skype™ 6.3 (x32 Version: 6.3.107)
SmartWebPrinting (x32 Version: 130.0.457.000)
Softonic toolbar  on IE and Chrome (x32 Version: 1.8.21.14)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.20202)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
WebReg (x32 Version: 130.0.132.017)
Welcome Center (x32 Version: 1.00.3008)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
YouTube Song Downloader (x32 Version: 8.2)

==================== Restore Points  =========================

10-11-2013 11:03:16 Geplanter Prüfpunkt
11-11-2013 18:41:02 TuneUp Utilities 2014 wird entfernt
11-11-2013 18:42:25 TuneUp Utilities 2014 (de-DE) wird entfernt
14-11-2013 20:25:20 Windows Update
04-12-2013 02:01:05 Windows Update
08-12-2013 18:24:28 AA11

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00921F5E-BD54-46C3-8BBF-FCC87B2750CF} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {07F1952B-6D3B-47AB-9C18-57FCAB4F138D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core => C:\Users\Löwilein\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-04] (Google Inc.)
Task: {2A98FC50-1F07-4E7D-AABB-189E8299774F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2CC9AF17-9E90-4FC3-99F3-F4030A0E894C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05] (Google Inc.)
Task: {43ED1F35-23D6-4D7A-B90C-1CE12361D1EA} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-30] ()
Task: {47028DC4-B7A9-4B88-ACC9-0C46ABF4ABAE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {737514CD-15A1-4C00-992B-9FB9C0A3DF33} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {7757F54B-BA09-40EE-B0D6-C914AD67BB32} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {80FE4714-B4D2-4AFA-A888-28DD6061CAD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA => C:\Users\Löwilein\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-04] (Google Inc.)
Task: {82FBB52C-5284-49F1-89CD-C93553F71A13} - System32\Tasks\{0AEDC6CA-91B7-40C5-95CC-AB484A914AA1} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {839FF10B-42FF-4785-B1AB-EC70FEECFDF0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {A3F74833-C885-4962-90C3-FA3847E7A291} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05] (Google Inc.)
Task: {ED881C76-3624-4039-A651-25ABE722E3F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001Core.job => C:\Users\Löwilein\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1001UA.job => C:\Users\Löwilein\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002Core.job => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3064647822-3339835954-2604749464-1002UA.job => C:\Users\Tapirus\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-06-07 07:13 - 2013-06-07 07:00 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:444C53BA
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E3C56885

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor"

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: NAVEX15
Description: NAVEX15
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NAVEX15
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2013 08:55:02 PM) (Source: Application Hang) (User: )
Description: Programm soffice.bin, Version 3.4.9590.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1678

Startzeit: 01cee2b5ec1554f0

Endzeit: 192

Anwendungspfad: C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

Berichts-ID: dfc71121-4ef8-11e3-99ed-002511626342

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 11:58:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/08/2013 06:18:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: NobuActivation.exe, Version: 1.2.0.36, Zeitstempel: 0x4a6a44da
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00035d29
ID des fehlerhaften Prozesses: 0xf44
Startzeit der fehlerhaften Anwendung: 0xNobuActivation.exe0
Pfad der fehlerhaften Anwendung: NobuActivation.exe1
Pfad des fehlerhaften Moduls: NobuActivation.exe2
Berichtskennung: NobuActivation.exe3

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller) (User: GregorJulius-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller) (User: GregorJulius-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011005}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/22/2013 04:44:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0xd54
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3


System errors:
=============
Error: (12/10/2013 05:09:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/10/2013 05:09:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/10/2013 05:09:04 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (12/10/2013 05:06:31 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SRTSP

Error: (12/10/2013 05:04:56 PM) (Source: SRTSP) (User: )
Description: Error loading Symantec real time Anti-Virus driver.

Error: (12/10/2013 05:04:56 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (12/09/2013 06:36:27 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden.

Error: (12/08/2013 05:43:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/08/2013 05:43:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/08/2013 05:41:18 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SRTSP


Microsoft Office Sessions:
=========================
Error: (11/16/2013 08:55:02 PM) (Source: Application Hang)(User: )
Description: soffice.bin3.4.9590.500167801cee2b5ec1554f0192C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bindfc71121-4ef8-11e3-99ed-002511626342

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe

Error: (11/10/2013 00:00:40 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe

Error: (11/10/2013 11:58:23 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (11/08/2013 06:18:58 AM) (Source: Application Error)(User: )
Description: NobuActivation.exe1.2.0.364a6a44daole32.dll6.1.7601.175144ce7b96fc000000500035d29f4401cedc41f9cf3b80C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exeC:\Windows\syswow64\ole32.dll44c09080-4835-11e3-ae38-002511626342

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller)(User: GregorJulius-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL)

Error: (10/22/2013 04:45:23 PM) (Source: MsiInstaller)(User: GregorJulius-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011005}1625(NULL)(NULL)(NULL)

Error: (10/22/2013 04:44:40 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487d5401cecf3d978efc00C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exedc692c60-3b30-11e3-a742-002511626342


==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 3071.23 MB
Available physical RAM: 1761.23 MB
Total Pagefile: 6140.65 MB
Available Pagefile: 4538.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:479.1 GB) (Free:254.2 GB) NTFS
Drive d: (DATA) (Fixed) (Total:433.76 GB) (Free:328.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: B8559ABA)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=479 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=434 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 11.12.2013, 10:52   #8
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Hi,

Platte dran lassen:

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.12.2013, 06:41   #9
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Hab in den hier aufgeführten Checks bisher die Platte nicht dran gehabt.

Soll ich jetzt alles (frst, malewarebytes ...) nochmal mit Platte machen ?

Oder reicht es jetzt Malwarebytes Anti-Rootkit mit Platte auszuführen ?

Danke im Voraus.

Hab den Malwarebytes Anti-Rootkit - Scann mit angeschlossener Platte durchgeführt.

Ergebnis :

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.11.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
GregorJulius :: GREGORJULIUS-PC [administrator]

11.12.2013 23:38:04
mbar-log-2013-12-11 (23-38-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 48286
Time elapsed: 2 minute(s), 44 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Hab zuvor Datensicherung auf neue externe Festplatte gemacht -allerdings versäumt beim Anschluss dieser Shift Taste zu drücken - und jpeg. und Filmchen (avi, mov, mts etc.) gespeichert - keine Dateien wie .exe, .dat, .dll etc..

Ist das weiter dramatisch ? Ist das Drücken der Shifttaste notwendig ?

Bei der neuen Festplatte kam dann aber nicht die Meldung mit Sinawal.a - beim Einstecken der 'alten' jedoch immer noch (diese wurde auch gescannt).

Danke im Voraus.

Alt 12.12.2013, 12:45   #10
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Das Drücken wäre notwendig bei einer Autorun Infektion. Die Platte soll ja angeblich, wenn überhaupt, nur nen Bootsektor Virus haben. Ich würd die Platte einfach formatieren und gut is.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.12.2013, 15:05   #11
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Also sind die Chancen gut, dass die Sicherheitskopie OK und sicher ist, auch beim Zurückspielen, oder ?

Alt 13.12.2013, 10:24   #12
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



genau. EInfach vorher nochmal schnell nen Scan machen mit deinem AV, dann passt das
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.12.2013, 10:52   #13
schnonus
 
beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Werde ich machen.

Danke, für Deine Hilfe

Alt 13.12.2013, 20:25   #14
schrauber
/// the machine
/// TB-Ausbilder
 

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Standard

beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]
antivirus, avira, boo/sinowal.a, clean, datensicherung, desktop, detected, ebanking, externe festplatte, festplatte, google, hdd0(c:, home, kein fund, logfiles, lsass.exe, microsoft, modul, msiexec.exe, programm, prozesse, registry, scan, services.exe, svchost.exe, taskhost.exe, virus, warnung, windows, winlogon.exe



Ähnliche Themen: beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]


  1. BOO/Sinowal.A auf Bootsektor der externen Festplatte
    Log-Analyse und Auswertung - 08.05.2013 (11)
  2. BOO/Sinowal.a Virus auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (21)
  3. Skriptfehler beim anschließen der externen Festplatte
    Plagegeister aller Art und deren Bekämpfung - 06.11.2012 (27)
  4. Virus BOO/Whistler.a auf Laptop-Festplatte und 2 externen Festplatten.
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (1)
  5. Verschlüsselungstrojaner auf der externen Festplatte?
    Plagegeister aller Art und deren Bekämpfung - 04.08.2012 (4)
  6. Sinowal oder so.. G-Data meldet Virus beim öffnen von IE9
    Plagegeister aller Art und deren Bekämpfung - 16.04.2012 (13)
  7. rootkit virus auf externen Festplatte? o.O
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (1)
  8. Trojaner/Virus -zeigt sich durch Ordner auf externen Festplatte die als Verknüpfung angezeigt werden
    Log-Analyse und Auswertung - 28.02.2012 (29)
  9. Nach Anschluss einer externen Festplatte massiver Schädlingsbefall
    Plagegeister aller Art und deren Bekämpfung - 11.12.2011 (21)
  10. Virus auf meiner Externen Festplatte - Nur noch Verknüpfungen
    Plagegeister aller Art und deren Bekämpfung - 29.11.2011 (9)
  11. Kann man die Autorun auf einer externen Festplatte einfach löschen?
    Alles rund um Windows - 04.10.2011 (3)
  12. Geplagt vom Trojaner dropper.gen auf einer externen Festplatte
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (23)
  13. Boot.Mebroot - Virus in MBR der externen Festplatte
    Plagegeister aller Art und deren Bekämpfung - 05.01.2010 (3)
  14. Möglicher Trojaner - Festplatte anschliessen?
    Plagegeister aller Art und deren Bekämpfung - 16.05.2009 (1)
  15. PC startet sich beim anschliessen ext. Festplatte ständig neu
    Alles rund um Windows - 28.08.2008 (5)
  16. Anschaffung einer externen Festplatte -iOmega 320GB empfehlenswert?
    Netzwerk und Hardware - 07.08.2007 (2)
  17. Tipps zum kauf einer Externen Festplatte!
    Netzwerk und Hardware - 04.09.2006 (1)

Zum Thema beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] - Hallo und guten Tag, hab Windows7 Prof. und Free Antivirus (Avira) Folgende Meldungen (von Free Antivirus-Avira) kamen, nachdem externe Festplatte angeschlossen wurde (zur Datensicherung): Im Masterbootsektor von Laufwerk 'Masterbootsektor HD7' - beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus]...
Archiv
Du betrachtest: beim Anschliessen einer externen Festplatte : 'BOO/Sinowal.A' [virus] auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.