
Plagegeister aller Art und deren Bekämpfung: Suspected malware (Win7, not urgent)

10.12.2013, 15:25   #1
Alois S
 
Hello,

my girlfriend's computer shows the following symptoms:

1) Websites freeze several times a day without the usual error messages, even without browser plugins (IE10, Win7 Prof. 64-bit)

2) An increase in scam mails of all kinds (PayPal, cease-and-desist notices ...)

3) Regular scans with Comodo Internet Security show, so to speak, "nothing"

Perhaps you can help me avoid a complete reinstallation?

Kind regards, Alois

Last edited by Alois S (10.12.2013 at 15:31)

10.12.2013, 15:48   #2
schrauber
/// the machine
/// TB instructor
 

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


10.12.2013, 16:31   #3
Alois S
 
Hello "schrauber",

here you go:



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by Evelyn (administrator) on DELLA on 10-12-2013 17:20:45
Running from C:\Users\Evelyn\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Symantec Corporation) D:\GHOST\Agent\VProSvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
() C:\Program Files (x86)\Plustek\SmartPhoto P60\DigiPhoto.exe
(Voyetra Turtle Beach, Inc.) C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) D:\GHOST\Agent\VProTray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragmonitorservice.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragactivitymonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Symantec) D:\GHOST\Shared\Drivers\SymSnapServicex64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe [2883456 2012-05-14] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKCU\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-12-12] (Nero AG)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
MountPoints2: {03e891f0-1fe5-11e3-af7d-806e6f6e6963} - F:\autoRcd.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Turtle Beach Audio Advantage Micro] - C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe [1654784 2009-08-30] (Voyetra Turtle Beach, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [DefragTaskBar] - C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe [927072 2009-12-16] ()
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Norton Ghost 15.0] - D:\GHOST\Agent\VProTray.exe [2596712 2009-10-01] (Symantec Corporation)
HKLM-x32\...\Run: [tvncontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs: C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32:   C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Evelyn\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
BootExecute: autocheck autochk * DfSDKBt

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87DE93B1D0C5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{DC4B6AD0-A5E1-4DF2-9500-170112465B76}: [NameServer]8.26.56.26,156.154.70.22

==================== Services (Whitelisted) =================

R2 Ashampoo Defrag Service; C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe [890208 2009-12-16] ()
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-29] (Broadcom Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-09-19] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2013-11-11] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
S3 GenericMount Helper Service; D:\GHOST\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
R2 Norton Ghost; D:\GHOST\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R3 SymSnapService; D:\GHOST\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] ()

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-18] (DT Soft Ltd)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-28] (Intel Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-18] (Duplex Secure Ltd.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
R3 USBAU; C:\Windows\System32\drivers\CM10264.sys [1306624 2009-09-08] (C-Media Electronics Inc)
R3 usbscan; C:\Windows\SysWow64\drivers\usbscan.sys [8944 1999-05-05] (Microsoft Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-11-08] (OpenLibSys.org)
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 17:20 - 2013-12-10 17:21 - 00012461 _____ C:\Users\Evelyn\Desktop\FRST.txt
2013-12-10 17:20 - 2013-12-10 17:20 - 00000000 ____D C:\FRST
2013-12-10 17:20 - 2013-12-10 17:03 - 01927982 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST64.exe
2013-12-09 21:08 - 2013-12-09 21:08 - 08135605 _____ C:\Users\Evelyn\Downloads\Krabben_.ppsx
2013-12-09 21:06 - 2013-12-09 21:06 - 14337701 _____ C:\Users\Evelyn\Downloads\Vossen.ppsx
2013-12-09 21:04 - 2013-12-09 21:04 - 05800848 _____ C:\Users\Evelyn\Downloads\An_der_Schlei.ppsx
2013-12-09 20:55 - 2013-12-09 20:55 - 05685711 _____ C:\Users\Evelyn\Downloads\oh_diese_Musik.wmv
2013-12-09 20:51 - 2013-12-09 20:51 - 00963072 _____ C:\Users\Evelyn\Downloads\EgalwoDubist.pps
2013-12-08 21:45 - 2013-12-08 21:45 - 14957500 _____ C:\Users\Evelyn\Downloads\Vis_1.ppsx
2013-12-08 21:44 - 2013-12-08 21:44 - 10905257 _____ C:\Users\Evelyn\Downloads\Bloemen_9.ppsx
2013-12-08 21:42 - 2013-12-08 21:42 - 00376320 _____ C:\Users\Evelyn\Downloads\Antiquus_1095_-_Cartoon041_oe_Nach_der_Arbeit.pps
2013-12-08 21:40 - 2013-12-08 21:41 - 06925278 _____ C:\Users\Evelyn\Downloads\ATT00197.wmv
2013-12-08 18:45 - 2013-12-08 18:45 - 02574848 _____ C:\Users\Evelyn\Downloads\HUND_KATZE.pps
2013-12-08 18:23 - 2013-12-08 18:23 - 01870848 _____ C:\Users\Evelyn\Downloads\Wohlfuehlgedanken_8.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02818560 _____ C:\Users\Evelyn\Downloads\Kleinwagen.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02613760 _____ C:\Users\Evelyn\Downloads\Bischof-1.pps
2013-12-07 19:29 - 2013-12-07 19:29 - 00900096 _____ C:\Users\Evelyn\Downloads\Lieferung.pps
2013-12-07 19:21 - 2013-12-07 19:21 - 00656896 _____ C:\Users\Evelyn\Downloads\Japanese_IQ-Test.xls
2013-12-07 19:12 - 2013-12-07 19:12 - 00062976 _____ C:\Users\Evelyn\Downloads\Gefuehle.pps
2013-12-07 19:10 - 2013-12-07 19:10 - 14461832 _____ C:\Users\Evelyn\Downloads\Stenen.ppsx
2013-12-07 19:08 - 2013-12-07 19:08 - 14780001 _____ C:\Users\Evelyn\Downloads\Okavango_2.ppsx
2013-12-06 22:13 - 2013-12-06 22:13 - 01470464 _____ C:\Users\Evelyn\Downloads\7.pps
2013-12-06 09:42 - 2013-12-06 09:42 - 08225509 _____ C:\Users\Evelyn\Downloads\zukunft.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 15152336 _____ C:\Users\Evelyn\Downloads\Bladeren_2.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 14888206 _____ C:\Users\Evelyn\Downloads\Okavango_1.ppsx
2013-12-06 09:25 - 2013-12-06 09:25 - 07470061 _____ C:\Users\Evelyn\Downloads\Eine_sinnvolle_Sache.wmv
2013-12-06 09:25 - 2013-12-06 09:25 - 03308032 _____ C:\Users\Evelyn\Downloads\Was_man_ueber_den_Nikolaus_wissen_sollte.pps
2013-12-05 19:17 - 2013-12-05 19:17 - 06802944 _____ C:\Users\Evelyn\Downloads\Gelb_92.pps
2013-12-05 19:14 - 2013-12-05 19:14 - 03412992 _____ C:\Users\Evelyn\Downloads\2012_21_12_pd_besinnliche-weihnachtszeit.pps
2013-12-05 19:11 - 2013-12-05 19:11 - 00097280 _____ C:\Users\Evelyn\Downloads\Gruss_vom_Weihnachtsmann.pps
2013-12-04 07:02 - 2013-12-06 20:26 - 00327168 ___SH C:\Users\Evelyn\Thumbs.db
2013-12-02 02:53 - 2013-12-02 02:53 - 00002989 _____ C:\Users\Evelyn\Desktop\FRITZ!DSL Startcenter.lnk
2013-12-02 02:52 - 2013-12-10 06:16 - 00001792 _____ C:\Windows\setupact.log
2013-12-02 02:52 - 2013-12-02 02:52 - 00000000 _____ C:\Windows\setuperr.log
2013-12-01 18:53 - 2013-12-01 18:53 - 00000000 ____D C:\AdwCleaner
2013-11-30 17:55 - 2013-11-30 17:56 - 00000000 ____D C:\Users\Evelyn\Desktop\Haderer
2013-11-30 17:48 - 2013-12-05 00:25 - 00000000 ____D C:\Users\Evelyn\Desktop\Neuer Ordner
2013-11-30 17:47 - 2013-12-10 00:11 - 00000000 ____D C:\Users\Evelyn\Desktop\Laberecke
2013-11-30 17:47 - 2013-12-05 07:05 - 00000000 ____D C:\Users\Evelyn\Desktop\Sprüche
2013-11-22 06:30 - 2013-12-10 06:16 - 00012810 _____ C:\Users\Evelyn\DesktopStCenter.txt
2013-11-22 02:01 - 2013-12-02 02:53 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files\Common Files\AVM
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!DSL
2013-11-19 20:37 - 2013-11-19 20:37 - 00591000 _____ C:\Users\Evelyn\Documents\Kater greift nachts an, wärend ich schlafe (Katze, Erziehung, Tiere).mht
2013-11-18 16:37 - 2013-11-18 16:37 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\vlc
2013-11-18 09:31 - 2013-11-18 10:00 - 00087552 _____ C:\Users\Evelyn\Documents\Wossidlo wg. SA-Klage.pub
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-16 13:26 - 2013-12-10 17:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-16 13:26 - 2013-11-16 13:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-15 10:10 - 2013-11-18 09:31 - 00072192 _____ C:\Users\Evelyn\Desktop\Amtsgericht wg. Betreuung 2.pub
2013-11-14 15:57 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-14 15:57 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-14 15:57 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-14 15:57 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-14 15:57 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-14 15:57 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-14 15:57 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-14 15:57 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-14 15:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-14 15:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-14 15:57 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-14 15:57 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-14 15:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-14 15:57 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-14 15:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-14 15:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-14 15:57 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-14 15:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-14 15:56 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-14 15:56 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-14 15:48 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 15:48 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 15:48 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 15:48 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 15:48 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 15:48 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 15:48 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 15:48 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 15:48 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 15:48 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 15:48 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 15:48 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 14:57 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 14:57 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 14:56 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 14:56 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 14:56 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 14:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 14:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 14:56 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 14:56 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 14:56 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 14:56 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 14:56 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 14:56 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 14:56 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 14:56 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 14:56 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 14:56 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 14:56 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 14:56 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 14:56 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 14:56 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 14:56 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 14:56 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 14:56 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 14:56 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 14:56 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 14:56 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 14:56 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 14:56 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 14:56 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 06:33 - 2013-11-12 06:33 - 00000000 ____D C:\first_launch
2013-11-11 12:00 - 2013-11-11 12:00 - 00000228 _____ C:\Users\Evelyn\Documents\PTBSync-DeletedEvents-Evelyn.txt
2013-11-10 21:04 - 2013-12-02 02:47 - 00000000 ____D C:\Users\Evelyn\Documents\2013-11-10

==================== One Month Modified Files and Folders =======

2013-12-10 17:21 - 2013-12-10 17:20 - 00012461 _____ C:\Users\Evelyn\Desktop\FRST.txt
2013-12-10 17:21 - 2013-11-16 13:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 17:20 - 2013-12-10 17:20 - 00000000 ____D C:\FRST
2013-12-10 17:17 - 2013-11-08 22:23 - 00002047 _____ C:\Users\Evelyn\Documents\PTBSync-AutoExport-Evelyn.ini
2013-12-10 17:16 - 2013-09-18 22:10 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-12-10 17:03 - 2013-12-10 17:20 - 01927982 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST64.exe
2013-12-10 16:14 - 2013-09-17 23:08 - 01054183 _____ C:\Windows\WindowsUpdate.log
2013-12-10 06:24 - 2009-07-14 05:45 - 00023920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 06:24 - 2009-07-14 05:45 - 00023920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 06:16 - 2013-12-02 02:52 - 00001792 _____ C:\Windows\setupact.log
2013-12-10 06:16 - 2013-11-22 06:30 - 00012810 _____ C:\Users\Evelyn\DesktopStCenter.txt
2013-12-10 06:16 - 2013-10-14 14:07 - 00000000 ____D C:\Users\Evelyn\Desktop\DigiPhoto
2013-12-10 06:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 03:36 - 2013-09-18 18:55 - 00004096 ___SH C:\VSNAP.IDX
2013-12-10 00:11 - 2013-11-30 17:47 - 00000000 ____D C:\Users\Evelyn\Desktop\Laberecke
2013-12-10 00:11 - 2013-09-17 23:13 - 00000000 ____D C:\Users\Evelyn
2013-12-09 21:08 - 2013-12-09 21:08 - 08135605 _____ C:\Users\Evelyn\Downloads\Krabben_.ppsx
2013-12-09 21:06 - 2013-12-09 21:06 - 14337701 _____ C:\Users\Evelyn\Downloads\Vossen.ppsx
2013-12-09 21:04 - 2013-12-09 21:04 - 05800848 _____ C:\Users\Evelyn\Downloads\An_der_Schlei.ppsx
2013-12-09 20:55 - 2013-12-09 20:55 - 05685711 _____ C:\Users\Evelyn\Downloads\oh_diese_Musik.wmv
2013-12-09 20:51 - 2013-12-09 20:51 - 00963072 _____ C:\Users\Evelyn\Downloads\EgalwoDubist.pps
2013-12-08 21:45 - 2013-12-08 21:45 - 14957500 _____ C:\Users\Evelyn\Downloads\Vis_1.ppsx
2013-12-08 21:44 - 2013-12-08 21:44 - 10905257 _____ C:\Users\Evelyn\Downloads\Bloemen_9.ppsx
2013-12-08 21:42 - 2013-12-08 21:42 - 00376320 _____ C:\Users\Evelyn\Downloads\Antiquus_1095_-_Cartoon041_oe_Nach_der_Arbeit.pps
2013-12-08 21:41 - 2013-12-08 21:40 - 06925278 _____ C:\Users\Evelyn\Downloads\ATT00197.wmv
2013-12-08 18:45 - 2013-12-08 18:45 - 02574848 _____ C:\Users\Evelyn\Downloads\HUND_KATZE.pps
2013-12-08 18:23 - 2013-12-08 18:23 - 01870848 _____ C:\Users\Evelyn\Downloads\Wohlfuehlgedanken_8.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02818560 _____ C:\Users\Evelyn\Downloads\Kleinwagen.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02613760 _____ C:\Users\Evelyn\Downloads\Bischof-1.pps
2013-12-07 19:29 - 2013-12-07 19:29 - 00900096 _____ C:\Users\Evelyn\Downloads\Lieferung.pps
2013-12-07 19:21 - 2013-12-07 19:21 - 00656896 _____ C:\Users\Evelyn\Downloads\Japanese_IQ-Test.xls
2013-12-07 19:12 - 2013-12-07 19:12 - 00062976 _____ C:\Users\Evelyn\Downloads\Gefuehle.pps
2013-12-07 19:10 - 2013-12-07 19:10 - 14461832 _____ C:\Users\Evelyn\Downloads\Stenen.ppsx
2013-12-07 19:08 - 2013-12-07 19:08 - 14780001 _____ C:\Users\Evelyn\Downloads\Okavango_2.ppsx
2013-12-06 22:13 - 2013-12-06 22:13 - 01470464 _____ C:\Users\Evelyn\Downloads\7.pps
2013-12-06 20:26 - 2013-12-04 07:02 - 00327168 ___SH C:\Users\Evelyn\Thumbs.db
2013-12-06 09:42 - 2013-12-06 09:42 - 08225509 _____ C:\Users\Evelyn\Downloads\zukunft.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 15152336 _____ C:\Users\Evelyn\Downloads\Bladeren_2.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 14888206 _____ C:\Users\Evelyn\Downloads\Okavango_1.ppsx
2013-12-06 09:25 - 2013-12-06 09:25 - 07470061 _____ C:\Users\Evelyn\Downloads\Eine_sinnvolle_Sache.wmv
2013-12-06 09:25 - 2013-12-06 09:25 - 03308032 _____ C:\Users\Evelyn\Downloads\Was_man_ueber_den_Nikolaus_wissen_sollte.pps
2013-12-05 19:17 - 2013-12-05 19:17 - 06802944 _____ C:\Users\Evelyn\Downloads\Gelb_92.pps
2013-12-05 19:14 - 2013-12-05 19:14 - 03412992 _____ C:\Users\Evelyn\Downloads\2012_21_12_pd_besinnliche-weihnachtszeit.pps
2013-12-05 19:11 - 2013-12-05 19:11 - 00097280 _____ C:\Users\Evelyn\Downloads\Gruss_vom_Weihnachtsmann.pps
2013-12-05 07:05 - 2013-11-30 17:47 - 00000000 ____D C:\Users\Evelyn\Desktop\Sprüche
2013-12-05 00:27 - 2013-11-07 21:11 - 00000000 ____D C:\Users\Evelyn\Downloads\wmv
2013-12-05 00:27 - 2013-11-07 21:09 - 00000000 ____D C:\Users\Evelyn\Downloads\pps
2013-12-05 00:27 - 2013-11-07 21:09 - 00000000 ____D C:\Users\Evelyn\Downloads\pdf
2013-12-05 00:25 - 2013-11-30 17:48 - 00000000 ____D C:\Users\Evelyn\Desktop\Neuer Ordner
2013-12-04 18:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-02 02:53 - 2013-12-02 02:53 - 00002989 _____ C:\Users\Evelyn\Desktop\FRITZ!DSL Startcenter.lnk
2013-12-02 02:53 - 2013-11-22 02:01 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2013-12-02 02:53 - 2013-09-17 23:13 - 00000000 ___RD C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-02 02:52 - 2013-12-02 02:52 - 00000000 _____ C:\Windows\setuperr.log
2013-12-02 02:47 - 2013-11-10 21:04 - 00000000 ____D C:\Users\Evelyn\Documents\2013-11-10
2013-12-02 02:47 - 2013-10-11 21:40 - 00000000 ____D C:\Users\Evelyn\Documents\SONSTIGES
2013-12-02 01:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2013-12-01 18:53 - 2013-12-01 18:53 - 00000000 ____D C:\AdwCleaner
2013-11-30 17:56 - 2013-11-30 17:55 - 00000000 ____D C:\Users\Evelyn\Desktop\Haderer
2013-11-29 21:29 - 2013-09-21 21:51 - 00000000 ____D C:\Users\Evelyn\Documents\SCHRIFTWECHSEL
2013-11-29 09:22 - 2013-10-11 21:40 - 00000000 ____D C:\Users\Evelyn\Documents\GEDICHTE
2013-11-22 02:10 - 2013-09-18 23:48 - 00000000 ___RD C:\Users\Evelyn\Desktop\WARTUNG
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files\Common Files\AVM
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!DSL
2013-11-22 02:01 - 2013-09-18 16:29 - 00000000 ____D C:\Program Files\FRITZ!DSL
2013-11-22 01:50 - 2013-09-18 00:03 - 00000000 ____D C:\Windows\Panther
2013-11-22 01:43 - 2013-09-18 16:59 - 00000000 ___RD C:\Users\Evelyn\Desktop\Alo-Support
2013-11-19 20:37 - 2013-11-19 20:37 - 00591000 _____ C:\Users\Evelyn\Documents\Kater greift nachts an, wärend ich schlafe (Katze, Erziehung, Tiere).mht
2013-11-18 16:37 - 2013-11-18 16:37 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\vlc
2013-11-18 16:37 - 2013-09-18 15:53 - 00000000 ___RD C:\Users\Evelyn\Desktop\Verknüpfungen
2013-11-18 10:00 - 2013-11-18 09:31 - 00087552 _____ C:\Users\Evelyn\Documents\Wossidlo wg. SA-Klage.pub
2013-11-18 09:31 - 2013-11-15 10:10 - 00072192 _____ C:\Users\Evelyn\Desktop\Amtsgericht wg. Betreuung 2.pub
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-09-18 18:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-16 13:28 - 2013-09-18 18:04 - 00000000 ____D C:\ProgramData\Adobe
2013-11-16 13:28 - 2013-09-18 18:03 - 00000000 ____D C:\Users\Evelyn\AppData\Local\Adobe
2013-11-16 13:28 - 2013-09-18 01:50 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Adobe
2013-11-16 13:26 - 2013-11-16 13:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 13:26 - 2013-09-18 18:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-16 13:26 - 2013-09-18 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 17:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-14 15:49 - 2013-09-18 00:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 15:47 - 2013-09-18 20:13 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 15:45 - 2013-09-18 20:13 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 06:33 - 2013-11-12 06:33 - 00000000 ____D C:\first_launch
2013-11-12 06:33 - 2013-09-18 22:08 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-11-12 06:33 - 2013-09-18 22:08 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-11-12 06:33 - 2013-09-18 22:08 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-11-11 17:41 - 2013-10-01 13:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-11-11 12:00 - 2013-11-11 12:00 - 00000228 _____ C:\Users\Evelyn\Documents\PTBSync-DeletedEvents-Evelyn.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 00:33

==================== End Of Log ============================
         


and:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013
Ran by Evelyn at 2013-12-10 17:21:16
Running from C:\Users\Evelyn\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: COMODO Antivirus (Disabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Disabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

7-Zip 4.62 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Alcor Micro USB Card Reader (x32 Version: 4.7.1245.73473)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Magical Defrag 3 (x32 Version: 3.0.2)
Ashampoo UnInstaller 4 v.4.30 (x32 Version: 4.3.0)
Ashampoo UnInstaller 4.04 (x32 Version: 4.0.4)
Ashampoo WinOptimizer 6.60 (x32 Version: 6.6.0)
Ashampoo WinOptimizer 9 v.9.2.0 (x32 Version: 9.2.0)
AudioAdvantageMicro (x32 Version: 1.01.01.02)
Bonjour (Version: 3.0.0.10)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 14.2.4.1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Comodo Dragon (x32 Version: 30.0.0.0)
COMODO Internet Security (Version: 5.10.31649.2253)
DAEMON Tools Lite (x32 Version: 4.45.4.0314)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
FRITZ!DSL64
GeekBuddy (x32 Version: 4.9.69)
GetDataBack for NTFS (x32 Version: 4.25.000)
Intel(R) Management Engine Components (x32 Version: 9.5.14.1724)
Intel(R) Rapid Storage Technology (Version: 12.8.2.1000)
Intel® Trusted Connect Service Client (Version: 1.28.487.1)
Internet Explorer (Enable DEP)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.1.0.126)
Java 7 Update 45 (x32 Version: 7.0.450)
K-Lite Mega Codec Pack 8.8.0 (x32 Version: 8.8.0)
LiveUpdate 3.2 (Symantec Corporation) (x32 Version: 3.2.0.68)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MPC-HC 1.7.0 (x32 Version: 1.7.0.7858)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 8 Ultra Edition HD (x32 Version: 8.3.465)
neroxml (x32 Version: 1.0.0)
Norton Ghost (x32 Version: 15.0.0.35659)
Oblivion (x32 Version: 1.00.0000)
PTBSync (Atomuhr Synchronisation & Terminkalender) (x32 Version: 5.7c)
QuickTime (x32 Version: 7.74.80.86)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6650)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7027)
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
SmartPhoto P60 (x32 Version: V3.1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
VCRedistSetup (x32 Version: 1.0.0)
VLC media player 2.1.1 (x32 Version: 2.1.1)

==================== Restore Points  =========================

29-11-2013 07:42:09 Geplanter Prüfpunkt
02-12-2013 01:39:42 BASIS
09-12-2013 07:52:12 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {E3C74428-C86C-4250-B2CF-8C1406389C8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-18 01:13 - 2009-12-17 20:39 - 03614016 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\ash_inet2.dll
2013-09-18 23:39 - 2009-03-02 14:50 - 00135168 _____ () C:\Program Files (x86)\Plustek\SmartPhoto P60\DigiPhotoRes.dll
2013-09-18 23:39 - 2004-04-06 17:45 - 00040960 _____ () C:\Program Files (x86)\Plustek\SmartPhoto P60\DetectSession.dll
2013-09-18 00:47 - 2013-08-28 01:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 07:37:45 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0
Pfad der fehlerhaften Anwendung: dragon_updater.exe1
Pfad des fehlerhaften Moduls: dragon_updater.exe2
Berichtskennung: dragon_updater.exe3

Error: (12/10/2013 00:30:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/10/2013 00:30:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/10/2013 00:30:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/09/2013 07:38:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00042a31
ID des fehlerhaften Prozesses: 0x554
Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0
Pfad der fehlerhaften Anwendung: dragon_updater.exe1
Pfad des fehlerhaften Moduls: dragon_updater.exe2
Berichtskennung: dragon_updater.exe3

Error: (12/09/2013 08:20:39 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dragon_updater.exe, Version: 0.0.0.0, Zeitstempel: 0x5280dfa3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02257c98
ID des fehlerhaften Prozesses: 0x6bc
Startzeit der fehlerhaften Anwendung: 0xdragon_updater.exe0
Pfad der fehlerhaften Anwendung: dragon_updater.exe1
Pfad des fehlerhaften Moduls: dragon_updater.exe2
Berichtskennung: dragon_updater.exe3

Error: (12/09/2013 08:12:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/09/2013 08:12:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/09/2013 08:12:30 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/09/2013 01:07:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (12/10/2013 07:37:46 AM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2013 06:17:28 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (12/09/2013 08:19:14 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (12/09/2013 07:38:33 PM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2013 08:20:42 AM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/08/2013 01:09:08 PM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/08/2013 06:56:27 AM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/08/2013 06:53:44 AM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (12/07/2013 07:03:52 AM) (Source: Service Control Manager) (User: )
Description: Dienst "COMODO Dragon Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/07/2013 01:53:33 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.


Microsoft Office Sessions:
=========================
Error: (12/10/2013 07:37:45 AM) (Source: Application Error)(User: )
Description: dragon_updater.exe0.0.0.05280dfa3unknown0.0.0.000000000c00000050000000056001cef566ff56976aC:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeunknown936346ac-6165-11e3-a9d5-782bcbac6327

Error: (12/10/2013 00:30:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (12/10/2013 00:30:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe

Error: (12/10/2013 00:30:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (12/09/2013 07:38:30 PM) (Source: Application Error)(User: )
Description: dragon_updater.exe0.0.0.05280dfa3ole32.dll6.1.7601.175144ce7b96fc000000500042a3155401cef50875395e81C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeC:\Windows\syswow64\ole32.dll1925aff0-6101-11e3-a231-782bcbac6327

Error: (12/09/2013 08:20:39 AM) (Source: Application Error)(User: )
Description: dragon_updater.exe0.0.0.05280dfa3unknown0.0.0.000000000c000000502257c986bc01cef4a20f1969d0C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeunknown676250dd-60a2-11e3-9022-782bcbac6327

Error: (12/09/2013 08:12:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (12/09/2013 08:12:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (12/09/2013 08:12:30 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (12/09/2013 01:07:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 12270.45 MB
Available physical RAM: 9612.19 MB
Total Pagefile: 24539.07 MB
Available Pagefile: 21545.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1001.43 GB) (Free:956.67 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:1397.26 GB) (Free:1113.45 GB) NTFS
Drive e: (PROGRAMME) (Fixed) (Total:382.81 GB) (Free:275.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 40000000)
Partition 1: (Not Active) - (Size=267 MB) - (Type=DE)
Partition 2: (Active) - (Size=13 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1001 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=383 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 521402D6)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

==================== End Of Log ============================
         

and as I said - there's no rush......


Thanks and kind regards from Alois
__________________

Edited by Alois S (10.12.2013 at 16:59)

11.12.2013, 09:07   #4
schrauber
/// the machine
/// TB trainer
 




Gegen die Mails kannste nichts machen, ausser die Mailadresse wechseln.

Rechner sieht soweit ok aus.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt with your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later) please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No support via PM!

12.12.2013, 09:51   #5
Alois S
 



-------------------------------------------------------------------------------------------------------------------------

Hello schrauber,

hm - everything came back without any findings, so I'm only posting the FRST log here (which shows that I ran everything);
of course I'll also post the 3 other logs on request, OK?





FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Evelyn (administrator) on DELLA on 11-12-2013 17:35:14
Running from C:\Users\Evelyn\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Symantec Corporation) D:\GHOST\Agent\VProSvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
() C:\Program Files (x86)\Plustek\SmartPhoto P60\DigiPhoto.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Voyetra Turtle Beach, Inc.) C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) D:\GHOST\Agent\VProTray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
(Symantec) D:\GHOST\Shared\Drivers\SymSnapServicex64.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragmonitorservice.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragactivitymonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe [2883456 2012-05-14] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKCU\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-12-12] (Nero AG)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
MountPoints2: {03e891f0-1fe5-11e3-af7d-806e6f6e6963} - F:\autoRcd.exe
HKLM-x32\...\Run: [Turtle Beach Audio Advantage Micro] - C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe [1654784 2009-08-30] (Voyetra Turtle Beach, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [DefragTaskBar] - C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe [927072 2009-12-16] ()
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Norton Ghost 15.0] - D:\GHOST\Agent\VProTray.exe [2596712 2009-10-01] (Symantec Corporation)
HKLM-x32\...\Run: [tvncontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs: C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32:   C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\Evelyn\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
BootExecute: autocheck autochk * DfSDKBt

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87DE93B1D0C5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{02740B11-FA09-47A2-ACFE-CE9A7961EC5A}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{DC4B6AD0-A5E1-4DF2-9500-170112465B76}: [NameServer]8.26.56.26,156.154.70.22

==================== Services (Whitelisted) =================

R2 Ashampoo Defrag Service; C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe [890208 2009-12-16] ()
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-29] (Broadcom Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-09-19] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2013-11-11] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-09-17] (Comodo Security Solutions, Inc.)
S3 GenericMount Helper Service; D:\GHOST\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
R2 Norton Ghost; D:\GHOST\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1583104 2013-11-08] (ElmüSoft)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 Symantec SymSnap VSS Provider; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R3 SymSnapService; D:\GHOST\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] ()

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22736 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-18] (DT Soft Ltd)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-08-28] (Intel Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-18] (Duplex Secure Ltd.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
R3 USBAU; C:\Windows\System32\drivers\CM10264.sys [1306624 2009-09-08] (C-Media Electronics Inc)
R3 usbscan; C:\Windows\SysWow64\drivers\usbscan.sys [8944 1999-05-05] (Microsoft Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-11-08] (OpenLibSys.org)
U2 V2iMount; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-11 17:35 - 2013-12-11 17:35 - 00012702 _____ C:\Users\Evelyn\Desktop\FRST.txt
2013-12-11 17:30 - 2013-12-11 17:30 - 00000000 ____D C:\Windows\ERUNT
2013-12-11 17:25 - 2013-12-11 17:25 - 01928212 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST64.exe
2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Malwarebytes
2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-11 15:51 - 2013-12-11 17:28 - 00000168 _____ C:\Windows\setupact.log
2013-12-11 15:51 - 2013-12-11 15:51 - 00000000 _____ C:\Windows\setuperr.log
2013-12-11 15:27 - 2013-12-11 15:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-11 15:26 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-12-11 15:26 - 2013-11-05 15:48 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-11 15:26 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-12-11 15:26 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-12-11 15:26 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-12-11 15:26 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-12-11 15:26 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-12-11 15:26 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-12-11 15:26 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-12-11 15:26 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-12-11 15:26 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-12-11 15:26 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-12-11 15:26 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-12-11 15:26 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-12-11 15:26 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-12-11 15:25 - 2013-09-26 21:40 - 01993496 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2013-12-11 15:25 - 2013-09-26 21:40 - 01722648 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2013-12-11 15:25 - 2013-07-30 14:04 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2013-12-11 15:25 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2013-12-11 15:25 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2013-12-11 15:25 - 2011-12-16 14:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
2013-12-11 15:25 - 2009-11-18 07:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
2013-12-11 15:24 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-12-11 15:24 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-11 15:24 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-12-11 15:24 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-12-11 15:20 - 2013-12-11 15:20 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-11 15:18 - 2013-12-11 15:18 - 00000000 ____D C:\ProgramData\ATI
2013-12-11 15:17 - 2013-12-11 15:17 - 00055617 _____ C:\Windows\SysWOW64\CCCInstall_201312111517229528.log
2013-12-11 15:17 - 2013-12-11 15:17 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-11 15:11 - 2013-12-11 15:12 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-11 01:09 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 01:09 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 01:09 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 01:09 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 01:07 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 01:07 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 01:06 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 01:06 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 01:06 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 01:06 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 01:06 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 01:06 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 01:06 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 01:06 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 01:06 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 01:06 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 01:06 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 01:06 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 01:02 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 01:02 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 01:02 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 01:02 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 01:02 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 01:02 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 01:02 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 01:02 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 01:02 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 01:02 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 01:02 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 01:02 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 01:02 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 01:02 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 01:02 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 01:02 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 01:02 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 01:02 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 01:02 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 22:58 - 2013-12-10 22:58 - 05120000 _____ C:\Users\Evelyn\Downloads\Weiss_118.pps
2013-12-10 22:54 - 2013-12-10 22:54 - 02158592 _____ C:\Users\Evelyn\Downloads\Mann_und_Frau6.pps
2013-12-10 22:53 - 2013-12-10 22:53 - 05028249 _____ C:\Users\Evelyn\Downloads\Bij_de_chinees11.wmv
2013-12-10 22:52 - 2013-12-10 22:52 - 03251750 _____ C:\Users\Evelyn\Downloads\ohrfeige_in_zeitlupe.avi
2013-12-10 22:39 - 2013-12-10 22:39 - 01690624 _____ C:\Users\Evelyn\Downloads\Frohe_Weihnachtszeit.pps
2013-12-10 22:31 - 2013-12-10 22:31 - 03754496 _____ C:\Users\Evelyn\Downloads\Licht.pps
2013-12-10 17:20 - 2013-12-10 17:20 - 00000000 ____D C:\FRST
2013-12-09 21:08 - 2013-12-09 21:08 - 08135605 _____ C:\Users\Evelyn\Downloads\Krabben_.ppsx
2013-12-09 21:06 - 2013-12-09 21:06 - 14337701 _____ C:\Users\Evelyn\Downloads\Vossen.ppsx
2013-12-09 21:04 - 2013-12-09 21:04 - 05800848 _____ C:\Users\Evelyn\Downloads\An_der_Schlei.ppsx
2013-12-09 20:55 - 2013-12-09 20:55 - 05685711 _____ C:\Users\Evelyn\Downloads\oh_diese_Musik.wmv
2013-12-09 20:51 - 2013-12-09 20:51 - 00963072 _____ C:\Users\Evelyn\Downloads\EgalwoDubist.pps
2013-12-08 21:45 - 2013-12-08 21:45 - 14957500 _____ C:\Users\Evelyn\Downloads\Vis_1.ppsx
2013-12-08 21:44 - 2013-12-08 21:44 - 10905257 _____ C:\Users\Evelyn\Downloads\Bloemen_9.ppsx
2013-12-08 21:42 - 2013-12-08 21:42 - 00376320 _____ C:\Users\Evelyn\Downloads\Antiquus_1095_-_Cartoon041_oe_Nach_der_Arbeit.pps
2013-12-08 21:40 - 2013-12-08 21:41 - 06925278 _____ C:\Users\Evelyn\Downloads\ATT00197.wmv
2013-12-08 18:45 - 2013-12-08 18:45 - 02574848 _____ C:\Users\Evelyn\Downloads\HUND_KATZE.pps
2013-12-08 18:23 - 2013-12-08 18:23 - 01870848 _____ C:\Users\Evelyn\Downloads\Wohlfuehlgedanken_8.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02818560 _____ C:\Users\Evelyn\Downloads\Kleinwagen.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02613760 _____ C:\Users\Evelyn\Downloads\Bischof-1.pps
2013-12-07 19:29 - 2013-12-07 19:29 - 00900096 _____ C:\Users\Evelyn\Downloads\Lieferung.pps
2013-12-07 19:21 - 2013-12-07 19:21 - 00656896 _____ C:\Users\Evelyn\Downloads\Japanese_IQ-Test.xls
2013-12-07 19:12 - 2013-12-07 19:12 - 00062976 _____ C:\Users\Evelyn\Downloads\Gefuehle.pps
2013-12-07 19:10 - 2013-12-07 19:10 - 14461832 _____ C:\Users\Evelyn\Downloads\Stenen.ppsx
2013-12-07 19:08 - 2013-12-07 19:08 - 14780001 _____ C:\Users\Evelyn\Downloads\Okavango_2.ppsx
2013-12-06 22:13 - 2013-12-06 22:13 - 01470464 _____ C:\Users\Evelyn\Downloads\7.pps
2013-12-06 09:42 - 2013-12-06 09:42 - 08225509 _____ C:\Users\Evelyn\Downloads\zukunft.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 15152336 _____ C:\Users\Evelyn\Downloads\Bladeren_2.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 14888206 _____ C:\Users\Evelyn\Downloads\Okavango_1.ppsx
2013-12-06 09:25 - 2013-12-06 09:25 - 07470061 _____ C:\Users\Evelyn\Downloads\Eine_sinnvolle_Sache.wmv
2013-12-06 09:25 - 2013-12-06 09:25 - 03308032 _____ C:\Users\Evelyn\Downloads\Was_man_ueber_den_Nikolaus_wissen_sollte.pps
2013-12-05 19:17 - 2013-12-05 19:17 - 06802944 _____ C:\Users\Evelyn\Downloads\Gelb_92.pps
2013-12-05 19:14 - 2013-12-05 19:14 - 03412992 _____ C:\Users\Evelyn\Downloads\2012_21_12_pd_besinnliche-weihnachtszeit.pps
2013-12-05 19:11 - 2013-12-05 19:11 - 00097280 _____ C:\Users\Evelyn\Downloads\Gruss_vom_Weihnachtsmann.pps
2013-12-02 02:53 - 2013-12-11 15:52 - 00002989 _____ C:\Users\Evelyn\Desktop\FRITZ!DSL Startcenter.lnk
2013-12-01 18:53 - 2013-12-11 17:27 - 00000000 ____D C:\AdwCleaner
2013-11-30 17:55 - 2013-11-30 17:56 - 00000000 ____D C:\Users\Evelyn\Desktop\Haderer
2013-11-30 17:48 - 2013-12-05 00:25 - 00000000 ____D C:\Users\Evelyn\Desktop\Neuer Ordner
2013-11-30 17:47 - 2013-12-10 00:11 - 00000000 ____D C:\Users\Evelyn\Desktop\Laberecke
2013-11-30 17:47 - 2013-12-05 07:05 - 00000000 ____D C:\Users\Evelyn\Desktop\Sprüche
2013-11-22 06:30 - 2013-12-11 17:28 - 00016984 _____ C:\Users\Evelyn\DesktopStCenter.txt
2013-11-22 02:01 - 2013-12-11 15:52 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files\Common Files\AVM
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!DSL
2013-11-19 20:37 - 2013-11-19 20:37 - 00591000 _____ C:\Users\Evelyn\Documents\Kater greift nachts an, wärend ich schlafe (Katze, Erziehung, Tiere).mht
2013-11-18 16:37 - 2013-11-18 16:37 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\vlc
2013-11-18 09:31 - 2013-11-18 10:00 - 00087552 _____ C:\Users\Evelyn\Documents\Wossidlo wg. SA-Klage.pub
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-16 13:26 - 2013-12-11 17:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 13:26 - 2013-12-11 17:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 10:10 - 2013-11-18 09:31 - 00072192 _____ C:\Users\Evelyn\Desktop\Amtsgericht wg. Betreuung 2.pub
2013-11-14 15:57 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-14 15:57 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-14 15:57 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-14 15:57 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-14 15:57 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-14 15:57 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-14 15:57 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-14 15:57 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-14 15:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-14 15:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-14 15:57 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-14 15:57 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-14 15:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-14 15:57 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-14 15:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-14 15:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-14 15:57 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-14 15:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-14 15:56 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-14 15:56 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-14 14:57 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 14:57 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 14:56 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 14:56 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 14:56 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 14:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 14:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 14:56 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 14:56 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 14:56 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 14:56 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 14:56 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 14:56 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 14:56 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 14:56 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 14:56 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 14:56 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 14:56 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 14:56 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 14:56 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 14:56 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 14:56 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 14:56 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 14:56 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 14:56 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 14:56 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 14:56 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 14:56 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 14:56 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 14:56 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 06:33 - 2013-11-12 06:33 - 00000000 ____D C:\first_launch
2013-11-11 12:00 - 2013-11-11 12:00 - 00000228 _____ C:\Users\Evelyn\Documents\PTBSync-DeletedEvents-Evelyn.txt

==================== One Month Modified Files and Folders =======

2013-12-11 17:35 - 2013-12-11 17:35 - 00012702 _____ C:\Users\Evelyn\Desktop\FRST.txt
2013-12-11 17:30 - 2013-12-11 17:30 - 00000000 ____D C:\Windows\ERUNT
2013-12-11 17:29 - 2013-11-08 22:23 - 00002047 _____ C:\Users\Evelyn\Documents\PTBSync-AutoExport-Evelyn.ini
2013-12-11 17:28 - 2013-12-11 15:51 - 00000168 _____ C:\Windows\setupact.log
2013-12-11 17:28 - 2013-11-22 06:30 - 00016984 _____ C:\Users\Evelyn\DesktopStCenter.txt
2013-12-11 17:28 - 2013-10-14 14:07 - 00000000 ____D C:\Users\Evelyn\Desktop\DigiPhoto
2013-12-11 17:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 17:27 - 2013-12-01 18:53 - 00000000 ____D C:\AdwCleaner
2013-12-11 17:27 - 2013-09-18 18:55 - 00004096 ___SH C:\VSNAP.IDX
2013-12-11 17:27 - 2013-09-17 23:08 - 01548093 _____ C:\Windows\WindowsUpdate.log
2013-12-11 17:27 - 2009-07-14 05:45 - 00023920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:27 - 2009-07-14 05:45 - 00023920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:25 - 2013-12-11 17:25 - 01928212 _____ (Farbar) C:\Users\Evelyn\Desktop\FRST64.exe
2013-12-11 17:21 - 2013-11-16 13:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:21 - 2013-11-16 13:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-11 17:21 - 2013-09-18 18:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:21 - 2013-09-18 18:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Malwarebytes
2013-12-11 17:13 - 2013-12-11 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-11 17:10 - 2013-09-18 22:10 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-12-11 15:52 - 2013-12-02 02:53 - 00002989 _____ C:\Users\Evelyn\Desktop\FRITZ!DSL Startcenter.lnk
2013-12-11 15:52 - 2013-11-22 02:01 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2013-12-11 15:52 - 2013-09-17 23:13 - 00000000 ___RD C:\Users\Evelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-11 15:51 - 2013-12-11 15:51 - 00000000 _____ C:\Windows\setuperr.log
2013-12-11 15:45 - 2013-09-17 23:13 - 00000000 ____D C:\Users\Evelyn
2013-12-11 15:44 - 2013-09-18 00:03 - 00000000 ____D C:\Windows\Panther
2013-12-11 15:35 - 2013-09-17 23:15 - 00000000 ____D C:\ProgramData\DriverGenius
2013-12-11 15:34 - 2013-09-17 23:31 - 00000000 ____D C:\Users\Public\Documents\DriverGenius
2013-12-11 15:27 - 2013-12-11 15:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-11 15:24 - 2013-09-17 23:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-11 15:20 - 2013-12-11 15:20 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-11 15:18 - 2013-12-11 15:18 - 00000000 ____D C:\ProgramData\ATI
2013-12-11 15:17 - 2013-12-11 15:17 - 00055617 _____ C:\Windows\SysWOW64\CCCInstall_201312111517229528.log
2013-12-11 15:17 - 2013-12-11 15:17 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-11 15:17 - 2013-09-17 23:47 - 00000000 ____D C:\ProgramData\AMD
2013-12-11 15:16 - 2013-09-17 23:45 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-11 15:12 - 2013-12-11 15:11 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-11 15:09 - 2013-09-18 00:29 - 00000000 ____D C:\ProgramData\AmUStor
2013-12-11 15:09 - 2013-09-18 00:29 - 00000000 ____D C:\Program Files (x86)\AmIcoSingLun
2013-12-11 15:08 - 2013-09-18 00:46 - 00000000 ____D C:\Program Files\Intel
2013-12-11 10:16 - 2013-10-21 20:37 - 00000000 ____D C:\Users\Evelyn\Documents\BOOKLOOKER
2013-12-11 03:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 02:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2013-12-11 01:19 - 2013-09-18 00:35 - 01606202 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-11 01:19 - 2009-07-14 18:58 - 00704002 _____ C:\Windows\system32\perfh007.dat
2013-12-11 01:19 - 2009-07-14 18:58 - 00151140 _____ C:\Windows\system32\perfc007.dat
2013-12-11 01:18 - 2009-07-14 06:13 - 01606202 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 01:12 - 2009-07-14 05:45 - 00417024 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 01:08 - 2013-09-18 00:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 01:05 - 2013-09-18 20:13 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 01:04 - 2013-09-18 20:13 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 22:58 - 2013-12-10 22:58 - 05120000 _____ C:\Users\Evelyn\Downloads\Weiss_118.pps
2013-12-10 22:54 - 2013-12-10 22:54 - 02158592 _____ C:\Users\Evelyn\Downloads\Mann_und_Frau6.pps
2013-12-10 22:53 - 2013-12-10 22:53 - 05028249 _____ C:\Users\Evelyn\Downloads\Bij_de_chinees11.wmv
2013-12-10 22:52 - 2013-12-10 22:52 - 03251750 _____ C:\Users\Evelyn\Downloads\ohrfeige_in_zeitlupe.avi
2013-12-10 22:39 - 2013-12-10 22:39 - 01690624 _____ C:\Users\Evelyn\Downloads\Frohe_Weihnachtszeit.pps
2013-12-10 22:31 - 2013-12-10 22:31 - 03754496 _____ C:\Users\Evelyn\Downloads\Licht.pps
2013-12-10 17:20 - 2013-12-10 17:20 - 00000000 ____D C:\FRST
2013-12-10 00:11 - 2013-11-30 17:47 - 00000000 ____D C:\Users\Evelyn\Desktop\Laberecke
2013-12-09 21:08 - 2013-12-09 21:08 - 08135605 _____ C:\Users\Evelyn\Downloads\Krabben_.ppsx
2013-12-09 21:06 - 2013-12-09 21:06 - 14337701 _____ C:\Users\Evelyn\Downloads\Vossen.ppsx
2013-12-09 21:04 - 2013-12-09 21:04 - 05800848 _____ C:\Users\Evelyn\Downloads\An_der_Schlei.ppsx
2013-12-09 20:55 - 2013-12-09 20:55 - 05685711 _____ C:\Users\Evelyn\Downloads\oh_diese_Musik.wmv
2013-12-09 20:51 - 2013-12-09 20:51 - 00963072 _____ C:\Users\Evelyn\Downloads\EgalwoDubist.pps
2013-12-08 21:45 - 2013-12-08 21:45 - 14957500 _____ C:\Users\Evelyn\Downloads\Vis_1.ppsx
2013-12-08 21:44 - 2013-12-08 21:44 - 10905257 _____ C:\Users\Evelyn\Downloads\Bloemen_9.ppsx
2013-12-08 21:42 - 2013-12-08 21:42 - 00376320 _____ C:\Users\Evelyn\Downloads\Antiquus_1095_-_Cartoon041_oe_Nach_der_Arbeit.pps
2013-12-08 21:41 - 2013-12-08 21:40 - 06925278 _____ C:\Users\Evelyn\Downloads\ATT00197.wmv
2013-12-08 18:45 - 2013-12-08 18:45 - 02574848 _____ C:\Users\Evelyn\Downloads\HUND_KATZE.pps
2013-12-08 18:23 - 2013-12-08 18:23 - 01870848 _____ C:\Users\Evelyn\Downloads\Wohlfuehlgedanken_8.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02818560 _____ C:\Users\Evelyn\Downloads\Kleinwagen.pps
2013-12-07 23:47 - 2013-12-07 23:47 - 02613760 _____ C:\Users\Evelyn\Downloads\Bischof-1.pps
2013-12-07 19:29 - 2013-12-07 19:29 - 00900096 _____ C:\Users\Evelyn\Downloads\Lieferung.pps
2013-12-07 19:21 - 2013-12-07 19:21 - 00656896 _____ C:\Users\Evelyn\Downloads\Japanese_IQ-Test.xls
2013-12-07 19:12 - 2013-12-07 19:12 - 00062976 _____ C:\Users\Evelyn\Downloads\Gefuehle.pps
2013-12-07 19:10 - 2013-12-07 19:10 - 14461832 _____ C:\Users\Evelyn\Downloads\Stenen.ppsx
2013-12-07 19:08 - 2013-12-07 19:08 - 14780001 _____ C:\Users\Evelyn\Downloads\Okavango_2.ppsx
2013-12-06 22:13 - 2013-12-06 22:13 - 01470464 _____ C:\Users\Evelyn\Downloads\7.pps
2013-12-06 09:42 - 2013-12-06 09:42 - 08225509 _____ C:\Users\Evelyn\Downloads\zukunft.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 15152336 _____ C:\Users\Evelyn\Downloads\Bladeren_2.ppsx
2013-12-06 09:39 - 2013-12-06 09:39 - 14888206 _____ C:\Users\Evelyn\Downloads\Okavango_1.ppsx
2013-12-06 09:25 - 2013-12-06 09:25 - 07470061 _____ C:\Users\Evelyn\Downloads\Eine_sinnvolle_Sache.wmv
2013-12-06 09:25 - 2013-12-06 09:25 - 03308032 _____ C:\Users\Evelyn\Downloads\Was_man_ueber_den_Nikolaus_wissen_sollte.pps
2013-12-05 19:17 - 2013-12-05 19:17 - 06802944 _____ C:\Users\Evelyn\Downloads\Gelb_92.pps
2013-12-05 19:14 - 2013-12-05 19:14 - 03412992 _____ C:\Users\Evelyn\Downloads\2012_21_12_pd_besinnliche-weihnachtszeit.pps
2013-12-05 19:11 - 2013-12-05 19:11 - 00097280 _____ C:\Users\Evelyn\Downloads\Gruss_vom_Weihnachtsmann.pps
2013-12-05 07:05 - 2013-11-30 17:47 - 00000000 ____D C:\Users\Evelyn\Desktop\Sprüche
2013-12-05 00:27 - 2013-11-07 21:11 - 00000000 ____D C:\Users\Evelyn\Downloads\wmv
2013-12-05 00:27 - 2013-11-07 21:09 - 00000000 ____D C:\Users\Evelyn\Downloads\pps
2013-12-05 00:27 - 2013-11-07 21:09 - 00000000 ____D C:\Users\Evelyn\Downloads\pdf
2013-12-05 00:25 - 2013-11-30 17:48 - 00000000 ____D C:\Users\Evelyn\Desktop\Neuer Ordner
2013-12-04 18:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-02 02:47 - 2013-11-10 21:04 - 00000000 ____D C:\Users\Evelyn\Documents\2013-11-10
2013-12-02 02:47 - 2013-10-11 21:40 - 00000000 ____D C:\Users\Evelyn\Documents\SONSTIGES
2013-11-30 17:56 - 2013-11-30 17:55 - 00000000 ____D C:\Users\Evelyn\Desktop\Haderer
2013-11-29 21:29 - 2013-09-21 21:51 - 00000000 ____D C:\Users\Evelyn\Documents\SCHRIFTWECHSEL
2013-11-29 09:22 - 2013-10-11 21:40 - 00000000 ____D C:\Users\Evelyn\Documents\GEDICHTE
2013-11-23 19:26 - 2013-12-11 01:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-11 01:02 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-22 02:10 - 2013-09-18 23:48 - 00000000 ___RD C:\Users\Evelyn\Desktop\WARTUNG
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files\Common Files\AVM
2013-11-22 02:01 - 2013-11-22 02:01 - 00000000 ____D C:\Program Files (x86)\FRITZ!DSL
2013-11-22 02:01 - 2013-09-18 16:29 - 00000000 ____D C:\Program Files\FRITZ!DSL
2013-11-22 01:43 - 2013-09-18 16:59 - 00000000 ___RD C:\Users\Evelyn\Desktop\Alo-Support
2013-11-19 20:37 - 2013-11-19 20:37 - 00591000 _____ C:\Users\Evelyn\Documents\Kater greift nachts an, wärend ich schlafe (Katze, Erziehung, Tiere).mht
2013-11-18 16:37 - 2013-11-18 16:37 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\vlc
2013-11-18 16:37 - 2013-09-18 15:53 - 00000000 ___RD C:\Users\Evelyn\Desktop\Verknüpfungen
2013-11-18 10:00 - 2013-11-18 09:31 - 00087552 _____ C:\Users\Evelyn\Documents\Wossidlo wg. SA-Klage.pub
2013-11-18 09:31 - 2013-11-15 10:10 - 00072192 _____ C:\Users\Evelyn\Desktop\Amtsgericht wg. Betreuung 2.pub
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-11-16 13:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-16 13:28 - 2013-09-18 18:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-16 13:28 - 2013-09-18 18:04 - 00000000 ____D C:\ProgramData\Adobe
2013-11-16 13:28 - 2013-09-18 18:03 - 00000000 ____D C:\Users\Evelyn\AppData\Local\Adobe
2013-11-16 13:28 - 2013-09-18 01:50 - 00000000 ____D C:\Users\Evelyn\AppData\Roaming\Adobe
2013-11-12 06:33 - 2013-11-12 06:33 - 00000000 ____D C:\first_launch
2013-11-12 06:33 - 2013-09-18 22:08 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-11-12 06:33 - 2013-09-18 22:08 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-11-12 06:33 - 2013-09-18 22:08 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-11-12 03:23 - 2013-12-11 01:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-11-12 03:07 - 2013-12-11 01:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-11-11 17:41 - 2013-10-01 13:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-11-11 12:00 - 2013-11-11 12:00 - 00000228 _____ C:\Users\Evelyn\Documents\PTBSync-DeletedEvents-Evelyn.txt

Some content of TEMP:
====================
C:\Users\Evelyn\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 00:33

==================== End Of Log ============================
         



Kind regards, Alois

----------------------------------------
Hi,

if the PC turns out to be "clean", I have two theories:

1) The default settings do not always work on every hardware configuration

2) Sometimes a program has to be installed a second time before it really works flawlessly


For a start, I have transferred my own settings from my machine to my girlfriend's using Win7's "Easy Transfer" - let's see whether that changes anything.....

If not, I am also considering a repair installation - what do you think?

By the way, the MS document on the IE settings alone runs to almost 200 pages

PS: I think it's great how you help here, because I myself once had a full-time job during my studies

Kind regards, Alois


Edited by Alois S (12.12.2013 at 10:17)

12.12.2013, 11:52   #6
schrauber
/// the machine
/// TB trainer

Quote:
If not, I am also considering a repair installation - what do you think?
That would be my next suggestion.
Quote:
I think it's great how you help here, because I myself once had a full-time job during my studies
This here is just for fun, alongside my studies and a full-time job (and a side job on top)

12.12.2013, 22:39   #7
Alois S

Hello schrauber,

thank you very much for your reply!
Well then, let's wait and see what happens next - the proper installation medium with SP1 and the key are at hand, and 2 new images have just been created to be on the safe side

and don't overwork yourself, okay?

Kind regards, Alois

----------------------------------------

Interim report: Since the "Easy Transfer" of all my settings, no further error has occurred on my girlfriend's machine - if it stays that way.....

----------------------------------------
__________________
Post © Alois 2015 – All rights reserved – no part may be criticized in any form without the written permission of the author!

13.12.2013, 19:11   #8
schrauber
/// the machine
/// TB trainer

sounds good
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

14.12.2013, 01:34   #9
Alois S

Hello schrauber,

unbelievable but true: the box runs like clockwork - so it was down to some settings after all.....

But since it has also inherited my restrictive security policies, "NortonGhost" obviously does not run (which I don't necessarily consider a mistake - the thing used to be good, but......) - so now she has Acronis instead

Good thing she is not a "gamer" - otherwise I would probably have to change the rules

Thank you very much for your help

and kind regards, Alois

14.12.2013, 07:04   #10
schrauber
/// the machine
/// TB trainer

You're welcome
