Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.12.2013, 17:21   #1
Brombeere
 
Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Beitrag

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



Liebes Trojaner-Board Team,

seit heute morgen wird unser Mail-Konto bei web.de mit Mails überschwemmt, die darauf hindeuten, dass mit unserer eMail-Adresse Mails an Leute verschickt werden, die wir aber gar nicht kennen.
Sie landen dann mit dem Absender "keineantwortadresse@web.de" in unserem "Unbekannt"-Ordner. Die Mails liegen noch auf dem Server und wurden nicht mit Thunderbird abgerufen.

Beispielhaft sieht der Inhalt so aus (unsere Mail-Adresse habe ich hir auf xx.xxxxxx@web.de geändert:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of
its recipients. This is a permanent error. The following address
failed:

<annika.kuptz@gmx.de>

Reason:
virus/suspect content found


--- The header of the original message is following. ---

Received: from Anmeldung2 ([217.91.187.193]) by smtp.web.de (mrweb101) with
ESMTPSA (Nemesis) id 0LpfC6-1VK4EG27dO-00fV9r for <annika.kuptz@gmx.de>; Tue,
10 Dec 2013 13:50:46 +0100
From: "=?utf-8?q?Rechtsanw=C3=A4lte?=" <xx.xxxxxx@web.de>
To: "Annika Kuptz" <annika.kuptz@gmx.de>
Subject: An Annika Kuptz: Schadensersatz Ihrer Urheberrechtsverletzung 10.12.2013
Date: Tue, 10 Dec 2013 12:50:33 GMT
MIME-Version: 1.0
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-Priority: 3
Content-Type: multipart/mixed; boundary="=-XC00CF66BD"
Message-ID: <0LgYG1-1VBa2F3y7h-00nzcK@smtp.web.de>
X-Provags-ID: V03:K0:U2cQJANKaFnwo60laTYKpZI5ZQZFLctStrGi+30gt/30+WLP28m
FL2QNVDnzy9rioLqsFcq0n7+Lcxx91oDX9B/5XMOkMknkBIKQ0wDdcAcAEjh2RT6xqi5jqy
L06iVIy2BbqnhGksEzZe90Yf/SNDYjUgXSV7lOEWFYtrf3L+2z7AveRBsUy63lblXTigIDg
rWEUNuUxGTW5QuiHsx8DA==


Es wäre super, wenn ihr uns helfen könntet!
Vielen Dank vorab!
Brombeere

Alt 10.12.2013, 17:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Standard

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 10.12.2013, 17:53   #3
Brombeere
 
Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Standard

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



Hallo schrauber,
vielen Dank für die schnelle Antwort.
Hier die Auswertung von FRST:



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by Silberlin (administrator) on SILBER on 10-12-2013 18:28:12
Running from C:\Users\Silberlin\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-11-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [191544 2012-11-27] (Lenovo(beijing) Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-25] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = 
SearchScopes: HKCU - {58E923FF-4E01-4549-9760-2C4CB548DA65} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default
FF Homepage: https://ixquick.com/deu
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FireShot - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF Extension: WOT - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: firefox - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\firefox@ghostery.com.xpi
FF Extension: trackmenot - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\trackmenot@mrl.nyu.edu.xpi
FF Extension: noscript - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: greasemonkey - C:\Users\Silberlin\AppData\Roaming\Mozilla\Firefox\Profiles\3p09hq2v.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Docs) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Safe Money) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Freemake Video Converter) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (Gmail) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Silberlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-12] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-04-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-12] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 18:28 - 2013-12-10 18:28 - 00026272 _____ C:\Users\Silberlin\Desktop\FRST.txt
2013-12-10 18:27 - 2013-12-10 18:27 - 00000000 ____D C:\FRST
2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Downloads\FRST64.exe
2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Desktop\FRST64.exe
2013-12-07 17:26 - 2013-12-07 17:26 - 00001518 _____ C:\Users\Silberlin\Downloads\URLLink(3).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001510 _____ C:\Users\Silberlin\Downloads\URLLink(4).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001501 _____ C:\Users\Silberlin\Downloads\URLLink(1).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001498 _____ C:\Users\Silberlin\Downloads\URLLink(2).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001484 _____ C:\Users\Silberlin\Downloads\URLLink.acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(6).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(5).acsm
2013-11-26 20:52 - 2013-11-26 20:52 - 00000000 _____ C:\WINDOWS\OpPrintServer.INI
2013-11-26 20:50 - 2013-11-26 20:50 - 00002585 _____ C:\Users\Public\Desktop\ZoomBrowser EX.lnk
2013-11-26 20:49 - 2013-11-26 20:49 - 00002031 _____ C:\Users\Public\Desktop\FileViewerUtility.lnk
2013-11-26 20:48 - 2013-11-26 20:53 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-21 23:30 - 2013-11-27 20:57 - 00005144 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber
2013-11-16 20:57 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-16 20:57 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-16 20:57 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-16 20:57 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-16 20:56 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-16 20:56 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-16 20:56 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-16 20:56 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-16 20:56 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-16 20:56 - 2013-11-05 15:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-16 20:56 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-16 20:56 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-16 20:56 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-16 20:56 - 2013-10-23 06:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 20:56 - 2013-10-23 06:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-16 20:56 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 20:56 - 2013-10-23 05:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-16 20:56 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-16 20:56 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-16 20:56 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-16 20:56 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-16 20:56 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-16 20:56 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-16 20:56 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-16 20:56 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-16 20:56 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-16 20:56 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-16 20:56 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-16 20:56 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-16 20:56 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-16 20:56 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-16 20:56 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-16 20:56 - 2013-10-19 10:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-16 20:56 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-16 20:56 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-16 20:56 - 2013-10-19 07:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-16 20:56 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-16 20:56 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-16 20:56 - 2013-10-19 04:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-16 20:56 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-16 20:56 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-16 20:56 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-16 20:56 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-16 20:56 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-16 20:56 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-16 20:56 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-16 20:56 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-16 20:56 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-16 20:56 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-16 20:56 - 2013-10-11 16:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-16 20:56 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-16 20:56 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-16 20:56 - 2013-10-11 14:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-16 20:56 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-16 20:56 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-16 20:56 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-16 20:56 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-16 20:56 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-16 20:56 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-16 20:56 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-16 20:56 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-16 20:56 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-16 20:56 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-16 20:56 - 2013-10-10 11:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-16 20:56 - 2013-10-10 11:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-16 20:56 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-16 20:56 - 2013-10-08 12:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-16 20:56 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-16 20:56 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-16 20:56 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-16 20:56 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-16 20:56 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-16 20:56 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-16 20:56 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-16 20:56 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-16 20:56 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-16 20:56 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-16 20:56 - 2013-10-07 08:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-16 20:56 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-16 20:56 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-16 20:56 - 2013-10-05 16:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-16 20:56 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-16 20:56 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-16 20:56 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-16 20:56 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-16 20:56 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-16 20:56 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-16 20:56 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-16 20:56 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-16 20:56 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-16 20:56 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-16 20:56 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-16 20:56 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-16 20:56 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-16 20:56 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-16 20:56 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-16 20:56 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-16 20:56 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-16 20:56 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-16 20:56 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-16 20:56 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-16 20:56 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-16 20:56 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-16 20:56 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-16 20:56 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-16 20:56 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-16 20:56 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-16 20:56 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-16 20:56 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-16 20:56 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-16 20:56 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-16 20:56 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-16 20:56 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-16 20:56 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-16 20:56 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-16 20:56 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-16 20:56 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-16 20:56 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-16 20:56 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-16 20:56 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-16 20:56 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-16 20:56 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-16 20:56 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-16 20:56 - 2013-09-11 13:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-16 20:56 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-16 20:56 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-16 20:56 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-16 08:55 - 2013-11-16 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 06:16 - 2013-10-19 09:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-13 06:16 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-13 06:16 - 2013-10-19 07:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-13 06:16 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-13 06:16 - 2013-10-19 06:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-13 06:16 - 2013-10-19 06:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-13 06:16 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-13 06:16 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-13 06:16 - 2013-10-19 05:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-13 06:16 - 2013-10-19 05:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-13 06:16 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-13 06:16 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-13 06:16 - 2013-10-19 04:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-13 06:16 - 2013-10-19 04:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-13 06:16 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-13 06:16 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-13 06:16 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-13 06:16 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-13 06:16 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-13 06:16 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-13 06:16 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-13 06:16 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-13 06:16 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-11 10:00 - 2013-11-11 10:00 - 00000000 ____D C:\Users\Silberlin\Documents\Christina
2013-11-10 10:41 - 2013-11-10 10:41 - 00000000 ____D C:\Program Files\Kyocera
2013-11-10 10:40 - 2013-11-10 10:40 - 00000000 ____D C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed
2013-11-10 10:38 - 2013-11-10 10:39 - 72584830 _____ C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed.zip
2013-11-10 10:29 - 2013-11-10 10:29 - 00001002 _____ C:\Users\Silberlin\Desktop\Kyocera FS-1030D - Verknüpfung.lnk
2013-11-10 10:19 - 2013-11-10 10:19 - 00000000 ___RD C:\WINDOWS\BrowserChoice

==================== One Month Modified Files and Folders =======

2013-12-10 18:28 - 2013-12-10 18:28 - 00026272 _____ C:\Users\Silberlin\Desktop\FRST.txt
2013-12-10 18:27 - 2013-12-10 18:27 - 00000000 ____D C:\FRST
2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Downloads\FRST64.exe
2013-12-10 18:26 - 2013-12-10 18:26 - 01927982 _____ (Farbar) C:\Users\Silberlin\Desktop\FRST64.exe
2013-12-10 18:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-10 17:57 - 2013-02-12 19:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-10 17:56 - 2013-02-09 18:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 16:32 - 2013-02-09 17:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-10 15:56 - 2013-02-09 18:40 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-10 15:51 - 2013-02-09 18:40 - 00004102 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-10 15:51 - 2013-02-09 18:40 - 00003866 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-10 15:12 - 2013-11-08 15:47 - 01131943 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-10 15:10 - 2012-08-02 15:09 - 00030304 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klim6.sys
2013-12-10 15:10 - 2012-06-19 17:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2013-12-10 14:52 - 2013-11-08 16:27 - 00000000 __RDO C:\Users\Silberlin\SkyDrive
2013-12-10 14:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-09 22:56 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-09 22:56 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-09 22:56 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-09 17:43 - 2013-02-09 17:18 - 00000000 ____D C:\Users\Silberlin\AppData\Local\Packages
2013-12-09 01:08 - 2013-02-09 17:26 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3245869769-487074814-1224063536-1002
2013-12-08 22:53 - 2013-08-22 15:46 - 00334241 _____ C:\WINDOWS\setupact.log
2013-12-08 22:26 - 2013-11-08 15:53 - 00000000 ____D C:\Users\Silberlin
2013-12-08 22:13 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-07 17:26 - 2013-12-07 17:26 - 00001518 _____ C:\Users\Silberlin\Downloads\URLLink(3).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001510 _____ C:\Users\Silberlin\Downloads\URLLink(4).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001501 _____ C:\Users\Silberlin\Downloads\URLLink(1).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001498 _____ C:\Users\Silberlin\Downloads\URLLink(2).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001484 _____ C:\Users\Silberlin\Downloads\URLLink.acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(6).acsm
2013-12-07 17:26 - 2013-12-07 17:26 - 00001470 _____ C:\Users\Silberlin\Downloads\URLLink(5).acsm
2013-12-03 21:44 - 2013-03-02 20:48 - 00000000 ____D C:\Users\Silberlin\Documents\Nicolas
2013-12-02 10:14 - 2013-04-23 10:07 - 00000000 ____D C:\Users\Silberlin\Documents\Bernd
2013-11-29 09:35 - 2013-02-12 15:54 - 00000000 ____D C:\Users\Silberlin\Documents\Silke
2013-11-27 20:57 - 2013-11-21 23:30 - 00005144 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber
2013-11-26 21:01 - 2013-09-29 20:04 - 00013474 _____ C:\WINDOWS\PFRO.log
2013-11-26 21:01 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-26 21:01 - 2013-08-03 11:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-26 20:53 - 2013-11-26 20:48 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-26 20:53 - 2012-11-27 01:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-26 20:52 - 2013-11-26 20:52 - 00000000 _____ C:\WINDOWS\OpPrintServer.INI
2013-11-26 20:50 - 2013-11-26 20:50 - 00002585 _____ C:\Users\Public\Desktop\ZoomBrowser EX.lnk
2013-11-26 20:49 - 2013-11-26 20:49 - 00002031 _____ C:\Users\Public\Desktop\FileViewerUtility.lnk
2013-11-21 21:34 - 2013-02-09 17:53 - 00000000 ____D C:\ldiag
2013-11-20 15:24 - 2013-10-18 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-19 06:10 - 2013-02-11 16:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-18 12:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-17 16:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-11-17 07:32 - 2013-02-09 17:20 - 00000000 ___RD C:\Users\Silberlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 07:32 - 2013-02-09 17:20 - 00000000 ___RD C:\Users\Silberlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-17 07:29 - 2013-08-22 15:44 - 00682216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-17 00:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-16 08:55 - 2013-11-16 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 16:05 - 2013-08-04 14:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-13 16:04 - 2013-02-10 11:29 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-11 10:00 - 2013-11-11 10:00 - 00000000 ____D C:\Users\Silberlin\Documents\Christina
2013-11-10 10:41 - 2013-11-10 10:41 - 00000000 ____D C:\Program Files\Kyocera
2013-11-10 10:40 - 2013-11-10 10:40 - 00000000 ____D C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed
2013-11-10 10:39 - 2013-11-10 10:38 - 72584830 _____ C:\Users\Silberlin\Downloads\KX_610826_UPD_Signed.zip
2013-11-10 10:29 - 2013-11-10 10:29 - 00001002 _____ C:\Users\Silberlin\Desktop\Kyocera FS-1030D - Verknüpfung.lnk
2013-11-10 10:19 - 2013-11-10 10:19 - 00000000 ___RD C:\WINDOWS\BrowserChoice

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-09 01:08

==================== End Of Log ============================
         
--- --- ---

--- --- ---



und nun Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2013
Ran by Silberlin at 2013-12-10 18:29:02
Running from C:\Users\Silberlin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.8.0.1430)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Amazon Browser App (x32 Version: 1.0.0.0)
Anno 1404 (x32 Version: 1.00.0000)
ANNO 1404 (x32 Version: 1.02.0000)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7)
Benutzerhandbuch (x32 Version: 1.0.0.9)
Bonjour (Version: 3.0.0.10)
Camera Window (x32 Version: 4.5.2)
Canon Camera WIA Driver (x32 Version: 5.2)
Canon Camera Window for ZoomBrowser EX (x32 Version: 4.5.2)
Canon EOS Kiss REBEL 300D WIA-Treiber (x32 Version: 5.2)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.3.1)
Canon PhotoRecord (x32 Version: 02.00.00029)
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 0.9.0)
Canon RemoteCapture Task for ZoomBrowser EX (x32 Version: 0.9.0)
Canon Utilities File Viewer Utility 1.3 (x32 Version: 1.3.2)
Canon Utilities PhotoStitch 3.1 (x32 Version: 3.1.10)
Canon Utilities RemoteCapture 2.7 (x32 Version: 2.7.5)
Canon Utilities ZoomBrowser EX (x32 Version: 04.05.01148)
CDBurnerXP (x32 Version: 4.5.2.4214)
CDex - Open Source Digital Audio CD Extractor (x32 Version: 1.70.4.2009)
CIG (x32 Version: 1.3.1)
Classic Shell (Version: 3.6.8)
Conexant HD Audio (Version: 8.54.44.50)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
CorelDRAW Graphics Suite X5 - BR (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - CZ (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - DE (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - ES (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - FR (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM HSE (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - IT (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - NL (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - PL (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - RU (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3)
CorelDRAW Home & Student Suite X5 - Extra Content (x32 Version: 15.0)
CorelDRAW Home & Student Suite X5 - Extra Content (x32)
CorelDRAW Home & Student Suite X5 (x32 Version: 15.1)
CorelDRAW(R) Home & Student Suite X5 (x32 Version: 15.2.0.686)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
Energy Management (x32 Version: 8.0.2.4)
ESET Online Scanner v3 (x32)
File Viewer Utility 1.3.2 (x32 Version: 1.3.2)
FormatFactory 3.1.1 (x32 Version: 3.1.1)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.22.3)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP Officejet 6500 E710n-z Hilfe (x32 Version: 140.0.2.2)
HP Update (x32 Version: 5.003.003.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3316)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190)
Kyocera Product Library (Version: 4.2.1909)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.1901)
Lenovo EasyCamera (x32 Version: 6.1.7600.167)
Lenovo OneKey Recovery (Version: 8.0.0.0710)
Lenovo OneKey Recovery (x32 Version: 8.0.0.0710)
Lenovo pointing device (Version: 11.4.3.3)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52)
Lenovo Solution Center (Version: 2.2.002.00)
Lenovo YouCam (x32 Version: 4.1.3127)
Lenovo_Wireless_Driver (x32 Version: 6.30.5926)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1005)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MP4 To MP3 Converter V3.0.4 (x32)
NVIDIA Grafiktreiber 327.02 (Version: 327.02)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 327.02 (Version: 327.02)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
PhotoStitch (x32 Version: 3.1.10)
Power2Go (x32 Version: 5.6.0.9109)
QuickTime (x32 Version: 7.74.80.86)
RAW Image Task (x32 Version: 0.9.0)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
RemoteCapture 2.7.5 (x32 Version: 2.7.5)
RemoteCapture Task (x32 Version: 0.9.0)
Shared C Run-time for x64 (Version: 10.0.0)
SugarSync Manager (x32 Version: 1.9.61.90905)
UserGuide (x32 Version: 1.0.0.9)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733)

==================== Restore Points  =========================

24-11-2013 12:09:04 Geplanter Prüfpunkt
26-11-2013 19:46:43 Installiert Solution Disk
05-12-2013 13:56:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09AFB28F-B8D6-4D08-830D-AAB46A36A07B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SILBER-Silberlin Silber => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-13] (Microsoft Corporation)
Task: {1BBAC3E8-97D0-4703-9298-C176928731FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DC97405-595D-4E07-A35F-CBC29A51BE5F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {42B35F49-430B-4396-95B8-6BD2C06AD5FA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6C49BDC5-C933-40F0-9473-AD494EACF56A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {829872D0-0125-4288-847E-CF1AC3C3CB8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {85F348D5-531D-4DF8-8699-3C583C7025FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {865A8E28-6A1B-401B-BC6A-6173502BC38A} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AF697E28-A703-4764-8D47-4CA0833D16C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {C7C986BC-E9BB-472B-BFB8-492F1C04DF3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {C8F2159E-2DF7-4C65-960D-34D0338F50B5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1A93523-A1A6-4EED-8791-71970184E6AF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EADB50C2-33DC-42B7-BAE9-683EBFB5FE7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\System32\pla.dll [2013-08-22] (Microsoft Corporation)
Task: {F187CD5D-A7F5-4AA9-9580-4FAABA69888F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {FFFD68F7-43BA-4D2A-AD0D-ECDE9629D53F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-26 15:48 - 2012-08-26 15:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2013-09-30 04:59 - 2013-09-30 04:59 - 00180224 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 21:39 - 2013-02-09 18:06 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-11-27 01:00 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-11-13 05:59 - 2013-11-13 05:59 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-11-13 05:59 - 2013-11-13 05:59 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-11-16 08:55 - 2013-11-16 08:55 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Silberlin\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 06:26:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/10/2013 03:06:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 57284172

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 57284172

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/09/2013 03:03:22 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/09/2013 01:15:39 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (12/08/2013 11:01:54 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f}

Error: (12/08/2013 11:00:51 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f}

Error: (12/08/2013 10:16:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15422


System errors:
=============
Error: (12/10/2013 02:54:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/09/2013 05:14:37 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:8109:8ec0:5c8::2 mit dem Computer mit der
Netzwerkhardwareadresse 18-AF-61-47-CB-27 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (12/09/2013 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2013 10:18:41 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2013 10:16:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/08/2013 10:16:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/08/2013 10:13:42 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎08.‎12.‎2013 um 20:16:00 unerwartet heruntergefahren.

Error: (12/08/2013 10:57:51 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2013 10:37:47 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2013 03:12:53 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (12/10/2013 06:26:41 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Silberlin\Downloads\esetsmartinstaller_enu.exe

Error: (12/10/2013 03:06:30 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 57284172

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 57284172

Error: (12/10/2013 02:51:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/09/2013 03:03:22 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/09/2013 01:15:39 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/08/2013 11:01:54 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f}

Error: (12/08/2013 11:00:51 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9bc4387a-cb33-444d-8f2d-9deb678e7c4f}

Error: (12/08/2013 10:16:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15422


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8057.77 MB
Available physical RAM: 5528.17 MB
Total Pagefile: 9337.77 MB
Available Pagefile: 6711.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.84 GB) (Free:746.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 66F0384E)

Partition: GPT Partition Type
==================== End Of Log ============================
         
Ich hoffe du kannst damit etwas anfangen.
Brombeere
__________________

Alt 11.12.2013, 09:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Standard

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



Passwort zum Mail Account schon geändert? Seither immer noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.12.2013, 20:28   #5
Brombeere
 
Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Standard

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



Hi schrauber,
PW habe ich geändert und "Problem" auch web.de gemeldet. Seit gestern abend ist es vorerst ruhig. Keine weiteren Mails dieser Art.
Aus den log-Dateien war dann wohl nichts zu lesen?
Dir auf jeden Fall vielen Dank!
Brombeere


Alt 12.12.2013, 10:54   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Standard

Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut



Logs sind sauber. Die Email Accounts werden einfach nur gehackt, da brauchts keine Malware auf dem Rechner.
__________________
--> Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut

Antwort

Themen zu Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut
absender, anmeldung, content, could, delivery, express, gehackt, geändert, gmx.de, heute, inhalt, leute, mails, meldung, message, microsoft, morgen, nemesis, not, original, outlook, permanent, server, super, thunderbird, troja, unbekannt, verschickt



Ähnliche Themen: Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut


  1. Bekomme massen E-Mail "This message was created automatically by mail delivery software."
    Plagegeister aller Art und deren Bekämpfung - 31.08.2015 (2)
  2. Mail-Account gehackt, nun "spontane Fenster" mit Aufforderung der Passworteingabe, Ausgangsserver verändert, Kaspersky findet nichts
    Log-Analyse und Auswertung - 20.11.2014 (14)
  3. Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!
    Log-Analyse und Auswertung - 14.04.2014 (78)
  4. Mail Delivery System Mails... Mail-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 06.03.2014 (7)
  5. "Dark Mail Alliance" arbeitet an abhörsicherer Mail
    Nachrichten - 31.10.2013 (0)
  6. Unmengen "Undeliverable Mail"-Eingänge, mail-Account jetzt gesperrt
    Log-Analyse und Auswertung - 15.10.2013 (9)
  7. E-Mail-Problem bei WEB.DE (Mail delivery failed: returning message to sender - keineantwortadresse@web.de )
    Plagegeister aller Art und deren Bekämpfung - 12.10.2013 (11)
  8. Mail Bot - "keineantwortadresse@web.de" / OTL Auswertung
    Plagegeister aller Art und deren Bekämpfung - 30.03.2013 (26)
  9. Gmx Konto Mail Flut MAILER-DAEMON@mail.gmx.com
    Log-Analyse und Auswertung - 19.03.2013 (2)
  10. E-Mail "Mail Delivery System" hundertfach im Posteingang
    Plagegeister aller Art und deren Bekämpfung - 15.01.2013 (13)
  11. e-Mail Flut mit mailer-daemon Meldungen
    Plagegeister aller Art und deren Bekämpfung - 21.12.2012 (24)
  12. "Falsche" E-Mail von Freund mit Link ins Netz -> Virus oder nur "Werbung"?
    Log-Analyse und Auswertung - 30.07.2012 (1)
  13. GEMA Trojaner aus Link in E-Mail erworben;Bildschirm zeigt "PC ist gesperrt" an "lt.Gema"
    Plagegeister aller Art und deren Bekämpfung - 27.02.2012 (7)
  14. Spam-Mail von meiner web.de-E-Mail-Adresse an alle Kontakte gesendet
    Log-Analyse und Auswertung - 22.02.2012 (27)
  15. E-mail Adresse und diverse Accounts gehackt
    Log-Analyse und Auswertung - 08.01.2011 (25)
  16. Spam-Mail mit eigener E-Mail Adresse
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (2)
  17. Heute schon über 30 "Mail Delivery System "Mail Delivery System" Mail bekommen
    Log-Analyse und Auswertung - 26.05.2008 (4)

Zum Thema Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut - Liebes Trojaner-Board Team, seit heute morgen wird unser Mail-Konto bei web.de mit Mails überschwemmt, die darauf hindeuten, dass mit unserer eMail-Adresse Mails an Leute verschickt werden, die wir aber gar - Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut...
Archiv
Du betrachtest: Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.