Pests of all kinds and how to fight them: Do I have the Bundespolizei Trojan?

Windows 7 If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.

03.01.2014, 14:28   #1
nacktmull123
 
Do I have the Bundespolizei Trojan?

Hi,

The day before yesterday a window from the "Bundespolizei" opened in my browser (Opera), with various accusations (pirated copies, etc.) and possible penalties. I then googled a bit and am now not sure whether I have caught the Bundespolizei Trojan or not. I haven't noticed anything being locked, and I was able to close the Bundespolizei page quite normally.

The only thing I noticed: my Safe Mode with Command Prompt automatically restarts the PC before it has even finished booting. But it may also be that it has been like this for a while. I haven't used Safe Mode in a long time.

Here is the result of the FRST64 scan:

FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by Flo (administrator) on FLO-PC on 03-01-2014 14:03:05
Running from C:\Users\Flo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Dropbox, Inc.) C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Windows Net) C:\Users\Flo\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvbubble64x.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] - C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [942080 2013-07-11] (Siemens AG)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
MountPoints2: {43fe2bda-ad06-11df-8fe0-40618699eee6} - I:\Start.exe
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Flo\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1409A5548FC7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894
FF Homepage: hxxp://www.pandora.com/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20((url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A
%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*'))%20%7B%20return%20'PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Price Alarm) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-08] (Autodesk, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-08-20] ()
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [229520 2011-08-28] (soft Xpansion)
S2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259584 2013-04-10] (Siemens AG)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-21] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
U3 a9n5xd2k; C:\Windows\System32\Drivers\a9n5xd2k.sys [0 ] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-03 13:48 - 2014-01-03 14:03 - 00018911 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-03 13:42 - 2014-01-03 13:42 - 00000000 ____D C:\FRST
2014-01-03 13:41 - 2014-01-03 13:41 - 01931750 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-03 11:57 - 2014-01-03 13:06 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 11:54 - 2014-01-03 11:55 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2013-12-31 00:30 - 2014-01-03 13:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 00:30 - 2013-12-31 01:11 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 18:58 - 2013-12-27 19:23 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 __SHD C:\AX NF ZZ
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-18 18:22 - 2014-01-03 12:01 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-19 18:25 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:52 - 2013-12-19 18:24 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:49 - 2013-12-18 17:18 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-12 02:33 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 02:33 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 02:30 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 02:30 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 02:30 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 02:29 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 02:29 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 02:29 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 02:29 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 02:29 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 02:29 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 02:29 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 02:29 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 02:29 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 02:29 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 02:29 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 02:29 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 02:29 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:18 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 00:18 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:17 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:17 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 00:17 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 00:17 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:17 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 00:17 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 00:17 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:17 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 00:17 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 00:16 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 00:16 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:16 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-03 14:03 - 2014-01-03 13:48 - 00018911 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-03 13:55 - 2010-06-03 22:28 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B139B71D-C8AD-4276-91D7-AC94C1607EC2}
2014-01-03 13:52 - 2012-02-08 16:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-03 13:42 - 2014-01-03 13:42 - 00000000 ____D C:\FRST
2014-01-03 13:41 - 2014-01-03 13:41 - 01931750 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-03 13:41 - 2010-03-19 18:04 - 01099834 _____ C:\Windows\WindowsUpdate.log
2014-01-03 13:11 - 2013-12-31 00:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 13:06 - 2014-01-03 11:57 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 12:01 - 2013-12-18 18:22 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2014-01-03 11:57 - 2010-03-19 18:07 - 00000000 ____D C:\Users\Flo
2014-01-03 11:55 - 2014-01-03 11:54 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-03 11:42 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 11:42 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 11:37 - 2013-05-05 11:14 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Dropbox
2014-01-03 11:36 - 2013-05-05 11:19 - 00000000 ___RD C:\Users\Flo\Dropbox
2014-01-03 11:34 - 2013-06-01 13:44 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2014-01-03 11:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 11:34 - 2009-07-14 05:51 - 00181127 _____ C:\Windows\setupact.log
2014-01-02 21:36 - 2009-07-14 18:58 - 00701670 _____ C:\Windows\system32\perfh007.dat
2014-01-02 21:36 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2014-01-02 21:36 - 2009-07-14 06:13 - 01627016 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2014-01-02 12:23 - 2013-02-09 14:28 - 00000000 ____D C:\Users\Administrator
2014-01-02 12:23 - 2010-11-23 20:18 - 00000000 ____D C:\Users\postgres
2014-01-02 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-01 19:32 - 2013-07-14 09:47 - 00000000 ____D C:\Users\Flo\Downloads\Neuer Ordner
2013-12-31 15:17 - 2013-03-22 17:50 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-31 01:11 - 2013-12-31 00:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 01:11 - 2012-06-12 20:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 01:11 - 2011-07-05 01:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 00:36 - 2010-03-26 20:37 - 00000000 ____D C:\Users\Flo\AppData\Local\Adobe
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:19 - 2010-03-20 20:31 - 00000000 ____D C:\Users\Flo\AppData\Local\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 00:17 - 2010-03-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 01:04 - 2012-11-24 23:10 - 00000283 _____ C:\Users\Flo\Documents\Serien.txt
2013-12-28 14:50 - 2012-11-11 22:44 - 00000000 ____D C:\Users\Flo\Downloads\Randon Mukke
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 19:23 - 2013-12-27 18:58 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 __SHD C:\AX NF ZZ
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:25 - 2013-12-18 16:58 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-19 18:24 - 2013-12-18 16:52 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 19:37 - 2013-08-31 01:01 - 00000000 ____D C:\Users\Flo\AppData\Roaming\vlc
2013-12-18 18:16 - 2009-07-14 05:45 - 00495736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 18:14 - 2010-03-25 18:59 - 00307452 _____ C:\Windows\PFRO.log
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 18:01 - 2010-03-19 18:11 - 00136200 _____ C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 17:21 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2013-12-18 17:18 - 2013-12-18 16:49 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:53 - 2010-03-20 21:12 - 00059022 _____ C:\Windows\DPINST.LOG
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-15 02:29 - 2010-03-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-15 02:28 - 2013-08-15 00:44 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:25 - 2010-03-21 11:21 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 19:06 - 2013-06-06 22:39 - 00000000 ____D C:\Users\Flo\Downloads\Oldschool Mukke
2013-12-12 18:06 - 2010-03-25 22:06 - 00000000 ____D C:\Users\Flo\Football
2013-12-12 17:18 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Flo\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Flo\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Flo\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.3.exe
C:\Users\Flo\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Flo\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Flo\AppData\Local\Temp\ose00000.exe
C:\Users\Flo\AppData\Local\Temp\ose00001.exe
C:\Users\Flo\AppData\Local\Temp\QuickStores_Unlocker.exe
C:\Users\Flo\AppData\Local\Temp\wmqlglep.dll
C:\Users\Flo\AppData\Local\Temp\_is34C5.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 20:20

==================== End Of Log ============================
         
and Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2014
Ran by Flo at 2014-01-03 14:03:37
Running from C:\Users\Flo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 - Deutsch (x32 Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player (x32 Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) Hidden
AMD USB Filter Driver (x32 Version: 1.0.13.88 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.2 (x32 Version: 9.4.2 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
AVM FRITZ!Box Dokumentation (x32 Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (x32 Version:  - Treyarch)
Call of Duty: Black Ops (x32 Version:  - Treyarch)
Canon iP5200 (Version:  - )
CanoScan LiDE 90 (Version:  - )
CanoScan Toolbox Ver4.9 (x32 Version:  - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Counter-Strike: Global Offensive (x32 Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version:  - Microsoft)
Dia (nur entfernen) (x32 Version:  - )
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Eco Materials Adviser (x64) (Version: 1.32.0.0 - Granta Design Limited)
Freemake Video Converter Version 4.0.0 (x32 Version: 4.0.0 - Ellora Assets Corporation)
GIMP 2.6.10 (x32 Version: 2.6.10 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
HDR Darkroom Windows Version v4.0 (x32 Version: Windows Version v4.0 - HengTu, Inc.)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HL-2240D (x32 Version: 1.0.4.0 - Brother Industries, Ltd.)
HP Officejet 6100 Basic Device Software (Version: 25.0.617.0 - Hewlett-Packard Co.)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
Keil µVision4 (x32 Version:  - )
Madden NFL 08 (x32 Version:  - Electronic Arts)
MATLAB R2009b (Version: 7.9 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (x32 Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MKVToolNix 5.8.0 (x32 Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.00900 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OpenVPN 2.1.3 (x32 Version: 2.1.3 - )
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (x32 Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickStores-Toolbar 1.1.0 (x32 Version: 1.1.0 - AB-Tools.com) <==== ATTENTION
QuickTime (x32 Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (x32 Version: 3.4.5.0 - Rosetta Stone Ltd.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (Version: 16.0.16000.0000 - Autodesk)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Secure Download Manager (x32 Version: 3.1.30 - Kivuto Solutions Inc.)
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (x32 Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (x32 Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (x32 Version: 5.4.0502 - Siemens AG)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.2.9 (x32 Version: 3.2.9 - www.sopcast.com)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2012 (x32 Version: 17.08 - Wolters Kluwer Deutschland GmbH)
StreamTorrent 1.0 (x32 Version:  - )
TeamSpeak 3 Client (HKCU Version: 3.0.6 - TeamSpeak Systems GmbH)
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIPP10 Version 2.1.0 (x32 Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.0 (x32 Version: 1.1.0 - VideoLAN)
VMLite Workstation (Version: 3.2.6 - VMLite)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows Utils (x32 Version:  - )
WinRAR (Version:  - )
Wise Registry Cleaner 7.63 (x32 Version:  - WiseCleaner.com, Inc.)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)

==================== Restore Points  =========================

01-01-2014 16:46:32 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {22D242C8-5075-4E9D-A49A-40DD9CB79369} - System32\Tasks\{945AE91C-FD85-4C43-9F6D-4A64241D7020} => C:\Spielewiese\Hi-Rez Studios\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe
Task: {245A4F72-84F2-4309-852B-2727A098E319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31] (Adobe Systems Incorporated)
Task: {51B1C918-4A81-45A1-BFAB-9501BFD38EB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5DD1A1FF-3B68-4752-A935-C924933E9152} - System32\Tasks\{91A2CC6C-EA2F-4FE1-93DF-1AE4FC58AB31} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {7B080D84-AB9B-4EE3-B5CD-DC1E37C71159} - System32\Tasks\{4B42A201-C678-40F1-9A20-6B2FEA2D280A} => C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe [2009-12-23] (Multidmedia Limited                 )
Task: {C427900B-A65C-4FA9-A2BB-E48F66864F7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CA9C8660-8FCE-4D9B-8CAD-BD6F48DBF2DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CDECEA2C-08A2-4B8E-AB5A-EAA9A27413CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-01-30 20:46 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-11-26 15:00 - 2012-11-26 15:00 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2010-04-01 19:08 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-07-04 20:27 - 2013-07-04 20:27 - 00848096 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 20:42 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-06-05 14:22 - 2013-06-05 14:22 - 00766176 _____ () C:\Windows\SysWOW64\sn_regbase.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Flo\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2011-12-16 15:20 - 2013-07-07 09:59 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2011-08-27 07:42 - 2013-07-07 09:59 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2009-02-27 16:40 - 2009-02-27 16:40 - 01712128 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.DEU
2009-02-27 16:39 - 2009-02-27 16:39 - 00999424 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.DEU
2009-02-27 16:40 - 2009-02-27 16:40 - 00274432 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.DEU
2009-12-21 23:17 - 2009-12-21 23:17 - 01060864 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.DEU
2009-02-27 16:42 - 2009-02-27 16:42 - 00049152 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.DEU
2009-10-03 01:48 - 2009-10-03 01:48 - 00106496 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.DEU
2009-02-27 16:42 - 2009-02-27 16:42 - 00057344 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.DEU
2009-10-03 01:45 - 2009-10-03 01:45 - 00012288 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.DEU
2013-12-31 00:30 - 2013-12-31 00:30 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2013-12-31 00:17 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2014 08:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18283

Error: (01/01/2014 08:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18283

Error: (01/01/2014 08:42:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/01/2014 08:41:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017

Error: (01/01/2014 08:41:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9017

Error: (01/01/2014 08:41:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/31/2013 04:18:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (12/31/2013 04:18:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (12/31/2013 04:18:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/29/2013 02:16:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8658


System errors:
=============
Error: (01/03/2014 11:34:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMLiteService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/03/2014 11:34:54 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst VMLiteService erreicht.

Error: (01/03/2014 11:34:09 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎03.‎01.‎2014 um 02:21:23 unerwartet heruntergefahren.

Error: (01/02/2014 07:45:39 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 13:26:21 unerwartet heruntergefahren.

Error: (01/02/2014 00:32:33 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 12:31:17 unerwartet heruntergefahren.

Error: (01/02/2014 11:26:26 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 11:25:07 unerwartet heruntergefahren.

Error: (01/02/2014 11:19:43 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 11:18:13 unerwartet heruntergefahren.

Error: (01/02/2014 09:51:57 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 00:17:42 unerwartet heruntergefahren.

Error: (01/01/2014 05:44:00 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/01/2014 05:43:57 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (11/28/2010 07:22:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8614 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 04:58:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4094 seconds with 3900 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:49:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:48:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8649 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:24:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 137 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:21:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5022 seconds with 4680 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2011-02-26 10:12:58.195
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 09:51:06.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 00:33:28.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 23:58:09.302
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 19:02:58.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 16:34:41.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 14:19:58.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 00:12:20.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-24 23:57:40.104
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-24 23:43:30.147
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 64%
Total physical RAM: 4094.3 MB
Available physical RAM: 1459.77 MB
Total Pagefile: 8186.79 MB
Available Pagefile: 5235.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1376.16 GB) (Free:790.55 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.63 GB) NTFS
Drive k: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:316.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: DF3FB8C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-721379393536) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2BB83C9B)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
I would be grateful for any help.

Regards, Nacktmull

Alt 03.01.2014, 15:04   #2
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. That should fix the problem.

Alt 04.01.2014, 00:59   #3
nacktmull123
 



OK, here is the ComboFix log:

Code:
ComboFix 14-01-04.02 - Flo 04.01.2014   0:37.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.2528 [GMT 1:00]
ausgeführt von:: c:\users\Flo\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\IsUn0407.exe
c:\windows\ST6UNST.000
K:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-03 bis 2014-01-03  ))))))))))))))))))))))))))))))
.
.
2014-01-03 23:51 . 2014-01-03 23:51	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2014-01-03 23:51 . 2014-01-03 23:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-03 23:51 . 2014-01-03 23:51	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-01-03 12:42 . 2014-01-03 12:42	--------	d-----w-	C:\FRST
2014-01-03 10:57 . 2014-01-03 12:06	--------	d-----w-	c:\users\Flo\.dia
2014-01-03 10:54 . 2014-01-03 10:55	--------	d-----w-	c:\program files (x86)\Dia
2013-12-30 23:30 . 2013-12-30 23:30	--------	d-----w-	c:\programdata\McAfee
2013-12-30 23:18 . 2013-12-30 23:18	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-12-19 17:30 . 2013-12-19 17:30	--------	d-----w-	c:\windows\system32\0PRQforpWsttis
2013-12-19 17:30 . 2013-12-19 17:30	--------	d-----w-	c:\windows\0PRQforpWsttis
2013-12-19 17:30 . 2013-12-19 17:30	--------	d-----w-	C:\AX NF ZZ
2013-12-18 17:07 . 2013-12-18 17:07	--------	d-----w-	c:\users\Flo\AppData\Roaming\Siemens
2013-12-18 15:58 . 2013-12-19 17:25	--------	d-----w-	c:\program files (x86)\Siemens
2013-12-18 15:49 . 2013-12-18 16:18	--------	d-----w-	c:\program files\Common Files\Siemens
2013-12-18 15:48 . 2013-12-18 15:48	--------	d-----w-	c:\program files (x86)\MSSOAP
2013-12-18 15:45 . 2013-12-18 16:20	--------	d-----w-	c:\program files (x86)\Common Files\Siemens
2013-12-18 15:45 . 2013-12-18 15:45	--------	d-----w-	c:\programdata\Siemens
2013-12-12 01:33 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 01:33 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 01:33 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2013-12-12 01:33 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2013-12-12 01:33 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2013-12-12 01:30 . 2013-11-27 00:52	293072	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2013-12-12 01:30 . 2013-11-27 00:20	235216	----a-w-	c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-12-12 01:30 . 2013-11-26 10:19	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-12-12 01:30 . 2013-11-26 09:23	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-12-12 01:30 . 2013-11-26 06:48	353280	----a-w-	c:\program files\Internet Explorer\IEShims.dll
2013-12-12 01:30 . 2013-11-26 10:18	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-12-12 01:30 . 2013-11-26 10:07	7211520	----a-w-	c:\program files\Internet Explorer\F12Resources.dll
2013-12-12 01:30 . 2013-11-26 08:34	482816	----a-w-	c:\program files\Internet Explorer\ieinstal.exe
2013-12-12 01:30 . 2013-11-26 07:55	469504	----a-w-	c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-12 01:30 . 2013-11-26 06:41	251392	----a-w-	c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-12 01:30 . 2013-11-26 06:22	270848	----a-w-	c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-12-11 23:18 . 2013-10-30 02:32	335360	----a-w-	c:\windows\system32\msieftp.dll
2013-12-11 23:18 . 2013-10-30 02:19	301568	----a-w-	c:\windows\SysWow64\msieftp.dll
2013-12-11 23:17 . 2013-10-30 01:24	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-12-11 23:17 . 2013-11-23 18:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-12-11 23:17 . 2013-11-23 17:47	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-12-11 23:17 . 2013-10-19 02:18	81408	----a-w-	c:\windows\system32\imagehlp.dll
2013-12-11 23:17 . 2013-10-19 01:36	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-12-11 23:17 . 2013-11-12 02:23	2048	----a-w-	c:\windows\system32\tzres.dll
2013-12-11 23:17 . 2013-11-12 02:07	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-12-11 23:17 . 2013-10-04 02:16	116736	----a-w-	c:\windows\system32\drivers\drmk.sys
2013-12-11 23:17 . 2013-10-04 01:36	230400	----a-w-	c:\windows\system32\drivers\portcls.sys
2013-12-11 23:16 . 2013-10-12 02:32	150016	----a-w-	c:\windows\system32\wshom.ocx
2013-12-11 23:16 . 2013-10-12 02:31	202752	----a-w-	c:\windows\system32\scrrun.dll
2013-12-11 23:16 . 2013-10-12 02:04	121856	----a-w-	c:\windows\SysWow64\wshom.ocx
2013-12-11 23:16 . 2013-10-12 02:03	163840	----a-w-	c:\windows\SysWow64\scrrun.dll
2013-12-11 23:16 . 2013-10-12 01:33	156160	----a-w-	c:\windows\system32\cscript.exe
2013-12-11 23:16 . 2013-10-12 01:33	168960	----a-w-	c:\windows\system32\wscript.exe
2013-12-11 23:16 . 2013-10-12 01:15	141824	----a-w-	c:\windows\SysWow64\wscript.exe
2013-12-11 23:16 . 2013-10-12 01:15	126976	----a-w-	c:\windows\SysWow64\cscript.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 00:11 . 2012-06-12 19:40	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-31 00:11 . 2011-07-05 00:27	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-15 01:25 . 2010-03-21 10:21	90708896	----a-w-	c:\windows\system32\MRT.exe
2013-11-26 00:36 . 2013-11-26 00:36	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 00:36 . 2013-11-26 00:36	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-26 00:36 . 2013-11-26 00:36	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 00:36 . 2013-11-26 00:36	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-26 00:36 . 2013-11-26 00:36	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-26 00:36 . 2013-11-26 00:36	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 00:36 . 2013-11-26 00:36	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-26 00:36 . 2013-11-26 00:36	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 00:36 . 2013-11-26 00:36	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-26 00:36 . 2013-11-26 00:36	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-26 00:36 . 2013-11-26 00:36	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 00:36 . 2013-11-26 00:36	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-26 00:36 . 2013-11-26 00:36	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-26 00:36 . 2013-11-26 00:36	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-26 00:36 . 2013-11-26 00:36	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-26 00:36 . 2013-11-26 00:36	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-26 00:36 . 2013-11-26 00:36	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-26 00:36 . 2013-11-26 00:36	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-26 00:36 . 2013-11-26 00:36	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-26 00:36 . 2013-11-26 00:36	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 00:36 . 2013-11-26 00:36	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-26 00:36 . 2013-11-26 00:36	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 00:36 . 2013-11-26 00:36	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-26 00:36 . 2013-11-26 00:36	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 00:36 . 2013-11-26 00:36	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-26 00:36 . 2013-11-26 00:36	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-26 00:36 . 2013-11-26 00:36	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-26 00:36 . 2013-11-26 00:36	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-26 00:36 . 2013-11-26 00:36	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-26 00:36 . 2013-11-26 00:36	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 00:36 . 2013-11-26 00:36	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-26 00:36 . 2013-11-26 00:36	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-26 00:36 . 2013-11-26 00:36	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-26 00:36 . 2013-11-26 00:36	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-26 00:36 . 2013-11-26 00:36	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-26 00:36 . 2013-11-26 00:36	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-26 00:36 . 2013-11-26 00:36	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-26 00:36 . 2013-11-26 00:36	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-26 00:36 . 2013-11-26 00:36	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-26 00:36 . 2013-11-26 00:36	413696	----a-w-	c:\windows\system32\html.iec
2013-11-26 00:36 . 2013-11-26 00:36	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 00:36 . 2013-11-26 00:36	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-26 00:36 . 2013-11-26 00:36	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-26 00:36 . 2013-11-26 00:36	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-26 00:36 . 2013-11-26 00:36	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-26 00:36 . 2013-11-26 00:36	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-26 00:36 . 2013-11-26 00:36	235520	----a-w-	c:\windows\system32\url.dll
2013-11-26 00:36 . 2013-11-26 00:36	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-26 00:36 . 2013-11-26 00:36	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-26 00:36 . 2013-11-26 00:36	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-26 00:36 . 2013-11-26 00:36	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-26 00:36 . 2013-11-26 00:36	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-26 00:36 . 2013-11-26 00:36	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-26 00:36 . 2013-11-26 00:36	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-26 00:36 . 2013-11-26 00:36	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-26 00:36 . 2013-11-26 00:36	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-26 00:36 . 2013-11-26 00:36	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 00:36 . 2013-11-26 00:36	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-26 00:36 . 2013-11-26 00:36	101376	----a-w-	c:\windows\system32\inseng.dll
2013-10-14 17:00 . 2013-11-26 00:43	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-19 16:51	830464	----a-w-	c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-19 16:51	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-19 16:51	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-19 16:51	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-19 16:51	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-10-29 206448]
"SiemensAutomationFileStorage"="c:\program files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe" [2013-07-11 942080]
.
c:\users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
net.lnk - c:\users\Flo\AppData\Roaming\Windows Net Data\net.exe [2013-10-3 709120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\SXDS10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\SXDS10.exe \Service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 VBoxDrv;VBoxDrv;c:\windows\system32\drivers\VBoxDrv.sys;c:\windows\SYSNATIVE\drivers\VBoxDrv.sys [x]
S1 vmlitedrv;vmlitedrv;c:\windows\system32\drivers\vmlitedrv.sys;c:\windows\SYSNATIVE\drivers\vmlitedrv.sys [x]
S1 VMLiteUSBMon;VMLiteUSBMon;c:\windows\system32\drivers\vmliteusbmon.sys;c:\windows\SYSNATIVE\drivers\vmliteusbmon.sys [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
S2 almservice;Automation License Manager Service;c:\program files\Common Files\Siemens\sws\almsrv\almsrv64x.exe;c:\program files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job-Manager;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 s7oiehsx64;SIMATIC S7DOS Help Service;c:\program files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe;c:\program files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [x]
S2 s7ousbu64x;SIMATIC USB Service;c:\windows\system32\DRIVERS\s7ousbu64x.sys;c:\windows\SYSNATIVE\DRIVERS\s7ousbu64x.sys [x]
S2 s7sn2srtx;PROFINET IO RT-Protocol V2.0;c:\windows\system32\DRIVERS\s7sn2srtx.sys;c:\windows\SYSNATIVE\DRIVERS\s7sn2srtx.sys [x]
S2 S7TraceServiceX;S7TraceServiceX;c:\program files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe;c:\program files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [x]
S2 StarMoney 9.0 OnlineUpdate;StarMoney 9.0 OnlineUpdate;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [x]
S2 VMLiteService;VMLiteService;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe [x]
S3 dpmconv;SIMATIC NET DP Driver;c:\windows\system32\DRIVERS\dpmconv.sys;c:\windows\SYSNATIVE\DRIVERS\dpmconv.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 s7odpx2x64;SIMATIC Knotentaufe;c:\windows\system32\DRIVERS\s7odpx2x64.sys;c:\windows\SYSNATIVE\DRIVERS\s7odpx2x64.sys [x]
S3 s7oppinx64;SIMATIC PPI Transport;c:\windows\system32\DRIVERS\s7oppinx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7oppinx64.sys [x]
S3 s7oserix64;Siemens PC Serial Cable;c:\windows\system32\Drivers\s7oserix64.sys;c:\windows\SYSNATIVE\Drivers\s7oserix64.sys [x]
S3 s7osmcax64;SIMATIC PC Adapter RS232;c:\windows\system32\DRIVERS\s7osmcax64.sys;c:\windows\SYSNATIVE\DRIVERS\s7osmcax64.sys [x]
S3 s7osobux64;SIMATIC SoftBus;c:\windows\system32\DRIVERS\s7osobux64.sys;c:\windows\SYSNATIVE\DRIVERS\s7osobux64.sys [x]
S3 s7otmcd64x;SIMATIC Memory Cards;c:\windows\system32\Drivers\s7otmcd64x.sys;c:\windows\SYSNATIVE\Drivers\s7otmcd64x.sys [x]
S3 s7otranx64;SIMATIC Transport;c:\windows\system32\DRIVERS\s7otranx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7otranx64.sys [x]
S3 s7otsadx64;SIMATIC TS Adapter RS232;c:\windows\system32\DRIVERS\s7otsadx64.sys;c:\windows\SYSNATIVE\DRIVERS\s7otsadx64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VBoxNetAdp;VMLite Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 vmlitestor;vmlitestor;c:\windows\system32\DRIVERS\vmlitestor.sys;c:\windows\SYSNATIVE\DRIVERS\vmlitestor.sys [x]
S3 vsnl2ada;SIMATIC NET FDL Driver;c:\windows\system32\DRIVERS\vsnl2ada.sys;c:\windows\SYSNATIVE\DRIVERS\vsnl2ada.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 00:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 12:33	2331336	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 12:33	2331336	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 12:33	2331336	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\Flo\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-03 9642528]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\
FF - prefs.js: browser.startup.homepage - hxxp://www.pandora.com/
FF - prefs.js: network.proxy.type - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1222250883-2971305014-1155337218-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1222250883-2971305014-1155337218-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1222250883-2971305014-1155337218-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:1c,f8,63,a1,18,d4,50,1d,99,b9,e4,f1,df,fc,69,b2,3f,63,97,9c,9c,
   ab,d1,84,af,99,c9,c4,83,fc,71,a0,01,f0,48,68,ce,e5,00,67,2f,61,b0,05,10,ac,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-04  00:56:26
ComboFix-quarantined-files.txt  2014-01-03 23:56
.
Vor Suchlauf: 16 Verzeichnis(se), 901.533.286.400 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 904.152.268.800 Bytes frei
.
- - End Of File - - AC818A805B3075C3FD4D3868AD8D9EC4
         
__________________

04.01.2014, 15:55   #4
schrauber
/// the machine
/// TB trainer
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Select Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

04.01.2014, 18:41   #5
nacktmull123
 

Okay, so here are all the new logs

Malwarebytes Anti-Malware :
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Flo :: FLO-PC [Administrator]

04.01.2014 17:50:04
mbam-log-2014-01-04 (17-50-04).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 266190
Laufzeit: 5 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0G2Y1R2X0G1M2S1M0G1S1H -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {833DAF12-0C5F-11E1-80F9-40618699EEE6} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {833DAF12-0C5F-11E1-80F9-40618699EEE6} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Flo\AppData\Local\DownloadGuide (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\Offers (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.8 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 6
C:\Users\Flo\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\amazon.ico (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\pdfdrucker.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\pdfdrucker.exe_date (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\Offers\foxydeal.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\DownloadGuide\Offers\pricealarm.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
AdwCleaner:
Code:
# AdwCleaner v3.016 - Bericht erstellt am 04/01/2014 um 18:13:56
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Flo - FLO-PC
# Gestartet von : C:\Users\Flo\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Users\Flo\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Flo\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Flo\AppData\Roaming\QuickStoresToolbar
Ordner Gelöscht : C:\Users\Flo\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gelöscht : C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Datei Gelöscht : C:\Users\Flo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gelöscht : C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader37871_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader37871_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_click-musicalkeys_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_click-musicalkeys_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_splan_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_splan_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_synthesia_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_synthesia_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\prefs.js ]


*************************

AdwCleaner[R0].txt - [4840 octets] - [04/01/2014 18:09:31]
AdwCleaner[S0].txt - [4614 octets] - [04/01/2014 18:13:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4674 octets] ##########
         
Junkware Removal Tool:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Flo on 04.01.2014 at 18:22:07,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1222250883-2971305014-1155337218-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskToolbarNRO_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskToolbarNRO_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{101F8508-32F4-4582-83B0-1E407F3337D9}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{531F78F6-61A6-4564-AF3D-ACED35C1A983}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{67437CA2-0558-4FFC-8AC3-EC4191D3FA18}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{7329C210-A57A-4F05-8D9C-CDD84AA2EF1A}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{7B6A7BE2-F654-4068-AF88-C78B8CCCA915}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{83FCA535-B676-4FCA-9AAD-F0BE5C0397DC}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{91CDB197-78AB-4929-AE40-95DCFD533817}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{B395C334-1D15-4021-80A6-104F7030D70C}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{C1EB41CB-54A5-4342-AF7D-D3660F41FD0B}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{D570FE0A-2C74-47F8-B789-59065E753A02}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{D948B4EE-F086-4291-84DF-7F22F0CFEA2D}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{F492753C-B404-4021-BB28-2771DCF0BD51}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{F7E1A9AC-33EF-4D4A-ACFA-B9CAEB39B140}
Successfully deleted: [Empty Folder] C:\Users\Flo\appdata\local\{FCC9A4B2-645A-438E-AF2E-5A371C83A7E2}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2014 at 18:31:08,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
New FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Flo (administrator) on FLO-PC on 04-01-2014 18:32:09
Running from C:\Users\Flo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dropbox, Inc.) C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] - C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [942080 2013-07-11] (Siemens AG)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1409A5548FC7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894
FF Homepage: hxxp://www.pandora.com/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20((url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A
%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*'))%20%7B%20return%20'PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-08] (Autodesk, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-08-20] ()
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [229520 2011-08-28] (soft Xpansion)
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259584 2013-04-10] (Siemens AG)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-21] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
U3 a9hfxhek; C:\Windows\System32\Drivers\a9hfxhek.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 18:31 - 2014-01-04 18:31 - 00002824 _____ C:\Users\Flo\Desktop\JRT.txt
2014-01-04 18:31 - 2014-01-04 18:31 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:09 - 2014-01-04 18:13 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2014-01-04 11:15 - 00002394 _____ C:\Users\Flo\Desktop\Diagramm1.dia
2014-01-04 11:15 - 2014-01-04 11:15 - 00000730 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-04 01:48 - 2014-01-04 01:51 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:33 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-04 00:33 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-04 00:33 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-04 00:32 - 2014-01-04 00:56 - 00000000 ____D C:\Qoobox
2014-01-04 00:32 - 2014-01-04 00:53 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 14:03 - 2014-01-03 14:04 - 00040973 _____ C:\Users\Flo\Desktop\Addition.txt
2014-01-03 13:48 - 2014-01-04 18:33 - 00017378 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-03 13:42 - 2014-01-04 18:31 - 00000000 ____D C:\FRST
2014-01-03 13:41 - 2014-01-04 18:31 - 01931368 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-03 11:57 - 2014-01-03 13:06 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 11:54 - 2014-01-03 11:55 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2013-12-31 00:30 - 2014-01-04 18:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 00:30 - 2013-12-31 01:11 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 18:58 - 2013-12-27 19:23 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-18 18:22 - 2014-01-03 12:01 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-19 18:25 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:52 - 2013-12-19 18:24 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:49 - 2013-12-18 17:18 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-12 02:33 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 02:33 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 02:30 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 02:30 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 02:30 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 02:29 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 02:29 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 02:29 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 02:29 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 02:29 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 02:29 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 02:29 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 02:29 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 02:29 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 02:29 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 02:29 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 02:29 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 02:29 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:18 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 00:18 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:17 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:17 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 00:17 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 00:17 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:17 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 00:17 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 00:17 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:17 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 00:17 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 00:16 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 00:16 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:16 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-04 18:33 - 2014-01-03 13:48 - 00017378 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-04 18:31 - 2014-01-04 18:31 - 00002824 _____ C:\Users\Flo\Desktop\JRT.txt
2014-01-04 18:31 - 2014-01-04 18:31 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-04 18:31 - 2014-01-03 13:42 - 00000000 ____D C:\FRST
2014-01-04 18:31 - 2014-01-03 13:41 - 01931368 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-04 18:24 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 18:24 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:21 - 2010-03-19 18:04 - 01208103 _____ C:\Windows\WindowsUpdate.log
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:19 - 2010-06-03 22:28 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B139B71D-C8AD-4276-91D7-AC94C1607EC2}
2014-01-04 18:18 - 2013-05-05 11:14 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Dropbox
2014-01-04 18:18 - 2012-02-08 16:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-04 18:17 - 2013-05-05 11:19 - 00000000 ___RD C:\Users\Flo\Dropbox
2014-01-04 18:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 18:15 - 2009-07-14 05:51 - 00181407 _____ C:\Windows\setupact.log
2014-01-04 18:13 - 2014-01-04 18:09 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:13 - 2010-03-19 18:07 - 00000000 ___RD C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 18:11 - 2013-12-31 00:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 18:01 - 2010-03-25 18:59 - 00310286 _____ C:\Windows\PFRO.log
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2014-01-04 11:15 - 00002394 _____ C:\Users\Flo\Desktop\Diagramm1.dia
2014-01-04 11:15 - 2014-01-04 11:15 - 00000730 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-04 11:15 - 2010-03-19 18:07 - 00000000 ____D C:\Users\Flo
2014-01-04 01:57 - 2013-07-14 09:47 - 00000000 ____D C:\Users\Flo\Downloads\Neuer Ordner
2014-01-04 01:51 - 2014-01-04 01:48 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:56 - 2014-01-04 00:32 - 00000000 ____D C:\Qoobox
2014-01-04 00:53 - 2014-01-04 00:32 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:52 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 14:04 - 2014-01-03 14:03 - 00040973 _____ C:\Users\Flo\Desktop\Addition.txt
2014-01-03 13:06 - 2014-01-03 11:57 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 12:01 - 2013-12-18 18:22 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2014-01-03 11:55 - 2014-01-03 11:54 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-03 11:34 - 2013-06-01 13:44 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2014-01-02 21:36 - 2009-07-14 18:58 - 00701670 _____ C:\Windows\system32\perfh007.dat
2014-01-02 21:36 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2014-01-02 21:36 - 2009-07-14 06:13 - 01627016 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2014-01-02 12:23 - 2013-02-09 14:28 - 00000000 ____D C:\Users\Administrator
2014-01-02 12:23 - 2010-11-23 20:18 - 00000000 ____D C:\Users\postgres
2014-01-02 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-31 15:17 - 2013-03-22 17:50 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-31 01:11 - 2013-12-31 00:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 01:11 - 2012-06-12 20:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 01:11 - 2011-07-05 01:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 00:36 - 2010-03-26 20:37 - 00000000 ____D C:\Users\Flo\AppData\Local\Adobe
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:19 - 2010-03-20 20:31 - 00000000 ____D C:\Users\Flo\AppData\Local\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 00:17 - 2010-03-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 01:04 - 2012-11-24 23:10 - 00000283 _____ C:\Users\Flo\Documents\Serien.txt
2013-12-28 14:50 - 2012-11-11 22:44 - 00000000 ____D C:\Users\Flo\Downloads\Randon Mukke
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 19:23 - 2013-12-27 18:58 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-19 18:25 - 2013-12-18 16:58 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-19 18:24 - 2013-12-18 16:52 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 19:37 - 2013-08-31 01:01 - 00000000 ____D C:\Users\Flo\AppData\Roaming\vlc
2013-12-18 18:16 - 2009-07-14 05:45 - 00495736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 18:01 - 2010-03-19 18:11 - 00136200 _____ C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 17:21 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2013-12-18 17:18 - 2013-12-18 16:49 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:53 - 2010-03-20 21:12 - 00059022 _____ C:\Windows\DPINST.LOG
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-15 02:29 - 2010-03-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-15 02:28 - 2013-08-15 00:44 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:25 - 2010-03-21 11:21 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 19:06 - 2013-06-06 22:39 - 00000000 ____D C:\Users\Flo\Downloads\Oldschool Mukke
2013-12-12 18:06 - 2010-03-25 22:06 - 00000000 ____D C:\Users\Flo\Football
2013-12-12 17:18 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 20:20

==================== End Of Log ============================
         
--- --- ---


and the new Addition log:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Flo at 2014-01-04 18:33:23
Running from C:\Users\Flo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 - Deutsch (x32 Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player (x32 Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) Hidden
AMD USB Filter Driver (x32 Version: 1.0.13.88 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.2 (x32 Version: 9.4.2 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
AVM FRITZ!Box Dokumentation (x32 Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (x32 Version:  - Treyarch)
Call of Duty: Black Ops (x32 Version:  - Treyarch)
Canon iP5200 (Version:  - )
CanoScan LiDE 90 (Version:  - )
CanoScan Toolbox Ver4.9 (x32 Version:  - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Counter-Strike: Global Offensive (x32 Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version:  - Microsoft)
Dia (nur entfernen) (x32 Version:  - )
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Eco Materials Adviser (x64) (Version: 1.32.0.0 - Granta Design Limited)
Freemake Video Converter Version 4.0.0 (x32 Version: 4.0.0 - Ellora Assets Corporation)
GIMP 2.6.10 (x32 Version: 2.6.10 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
HDR Darkroom Windows Version v4.0 (x32 Version: Windows Version v4.0 - HengTu, Inc.)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HL-2240D (x32 Version: 1.0.4.0 - Brother Industries, Ltd.)
HP Officejet 6100 Basic Device Software (Version: 25.0.617.0 - Hewlett-Packard Co.)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
Keil µVision4 (x32 Version:  - )
Madden NFL 08 (x32 Version:  - Electronic Arts)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MATLAB R2009b (Version: 7.9 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (x32 Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MKVToolNix 5.8.0 (x32 Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.00900 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OpenVPN 2.1.3 (x32 Version: 2.1.3 - )
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (x32 Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime (x32 Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (x32 Version: 3.4.5.0 - Rosetta Stone Ltd.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (Version: 16.0.16000.0000 - Autodesk)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Secure Download Manager (x32 Version: 3.1.30 - Kivuto Solutions Inc.)
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (x32 Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (x32 Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (x32 Version: 5.4.0502 - Siemens AG)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.2.9 (x32 Version: 3.2.9 - www.sopcast.com)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2012 (x32 Version: 17.08 - Wolters Kluwer Deutschland GmbH)
StreamTorrent 1.0 (x32 Version:  - )
TeamSpeak 3 Client (HKCU Version: 3.0.6 - TeamSpeak Systems GmbH)
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIPP10 Version 2.1.0 (x32 Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.0 (x32 Version: 1.1.0 - VideoLAN)
VMLite Workstation (Version: 3.2.6 - VMLite)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows Utils (x32 Version:  - )
WinRAR (Version:  - )
Wise Registry Cleaner 7.63 (x32 Version:  - WiseCleaner.com, Inc.)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)

==================== Restore Points  =========================

01-01-2014 16:46:32 Geplanter Prüfpunkt
03-01-2014 23:33:45 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-04 00:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {22D242C8-5075-4E9D-A49A-40DD9CB79369} - System32\Tasks\{945AE91C-FD85-4C43-9F6D-4A64241D7020} => C:\Spielewiese\Hi-Rez Studios\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe
Task: {245A4F72-84F2-4309-852B-2727A098E319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31] (Adobe Systems Incorporated)
Task: {51B1C918-4A81-45A1-BFAB-9501BFD38EB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5DD1A1FF-3B68-4752-A935-C924933E9152} - System32\Tasks\{91A2CC6C-EA2F-4FE1-93DF-1AE4FC58AB31} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {7B080D84-AB9B-4EE3-B5CD-DC1E37C71159} - System32\Tasks\{4B42A201-C678-40F1-9A20-6B2FEA2D280A} => C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe [2009-12-23] (Multidmedia Limited                 )
Task: {C427900B-A65C-4FA9-A2BB-E48F66864F7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CA9C8660-8FCE-4D9B-8CAD-BD6F48DBF2DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CDECEA2C-08A2-4B8E-AB5A-EAA9A27413CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 20:42 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Flo\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-06-05 14:22 - 2013-06-05 14:22 - 00766176 _____ () C:\Windows\SysWOW64\sn_regbase.dll

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (11/28/2010 07:22:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8614 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 04:58:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4094 seconds with 3900 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:49:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:48:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8649 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:24:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 137 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:21:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5022 seconds with 4680 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-04 00:50:40.117
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-04 00:50:39.805
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-02-26 10:12:58.195
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 09:51:06.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 00:33:28.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 23:58:09.302
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 19:02:58.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 16:34:41.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 14:19:58.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 00:12:20.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 4094.3 MB
Available physical RAM: 2148.75 MB
Total Pagefile: 8186.79 MB
Available Pagefile: 6107.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1376.16 GB) (Free:839.84 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: DF3FB8C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-721379393536) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         


Alt 05.01.2014, 16:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • An illustrated guide to ESET Online Scanner is available here
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?

Alt 06.01.2014, 10:52   #7
nacktmull123
 



Here is the ESET Online Scanner log:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=12b4a1760630b34bb119eda55196b92a
# engine=16532
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-06 02:23:13
# local_time=2014-01-06 03:23:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1285 16777214 100 98 61485 85622905 0 0
# compatibility_mode=5893 16776574 100 94 15417879 140604843 0 0
# scanned=596199
# found=3
# cleaned=0
# scan_time=21338
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=7C5BAEEC2B7E4BFB6DD8F16A8FF672F4DC2DF2E3 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.NFU trojan" ac=I fn="C:\Users\Flo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\43e255eb-7ad8e37b"
sh=985ABE1415241F5F6E584997881133B9E5DBD877 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.CM trojan" ac=I fn="C:\Users\Flo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\58ad53fc-3c99676c"
         
Security Check:
Code:
 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Wise Registry Cleaner 7.63  
 Java(TM) 6 Update 20  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (26.0) 
````````Process Check: objlist.exe by Laurent````````  
 StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe  
 Kaspersky Lab Kaspersky Internet Security 2012 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Flo (administrator) on FLO-PC on 06-01-2014 10:37:26
Running from C:\Users\Flo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Dropbox, Inc.) C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] - C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [942080 2013-07-11] (Siemens AG)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1409A5548FC7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894
FF Homepage: hxxp://www.pandora.com/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*
')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com')%20%7B%20return%20'PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-08] (Autodesk, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-08-20] ()
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [229520 2011-08-28] (soft Xpansion)
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259584 2013-04-10] (Siemens AG)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-21] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
U3 ak607rgq; C:\Windows\System32\Drivers\ak607rgq.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 10:18 - 2014-01-06 10:18 - 00987410 _____ C:\Users\Flo\Desktop\SecurityCheck.exe
2014-01-05 21:25 - 2014-01-05 21:25 - 02347384 _____ (ESET) C:\Users\Flo\Desktop\esetsmartinstaller_enu.exe
2014-01-05 10:35 - 2014-01-05 11:59 - 00004694 _____ C:\Users\Flo\Desktop\Neues Textdokument.txt
2014-01-04 20:26 - 2014-01-04 20:33 - 617155850 _____ C:\Users\Flo\Downloads\The Big Bang Theory - s07e12 - The Hesitation Ramification.mkv
2014-01-04 18:31 - 2014-01-06 10:36 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-04 18:31 - 2014-01-04 18:31 - 00002824 _____ C:\Users\Flo\Desktop\JRT.txt
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:09 - 2014-01-04 18:13 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2014-01-05 11:52 - 00004954 _____ C:\Users\Flo\Desktop\Diagramm1.dia
2014-01-04 11:15 - 2014-01-05 11:52 - 00004901 _____ C:\Users\Flo\Desktop\Diagramm1.dia~
2014-01-04 11:15 - 2014-01-04 11:15 - 00000730 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-04 01:48 - 2014-01-04 01:51 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:33 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-04 00:33 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-04 00:33 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-04 00:32 - 2014-01-04 00:56 - 00000000 ____D C:\Qoobox
2014-01-04 00:32 - 2014-01-04 00:53 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 14:03 - 2014-01-04 18:33 - 00034961 _____ C:\Users\Flo\Desktop\Addition.txt
2014-01-03 13:48 - 2014-01-06 10:38 - 00017445 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-03 13:42 - 2014-01-06 10:36 - 00000000 ____D C:\FRST
2014-01-03 13:41 - 2014-01-06 10:36 - 01931762 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-03 11:57 - 2014-01-03 13:06 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 11:54 - 2014-01-03 11:55 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2013-12-31 00:30 - 2014-01-06 10:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 00:30 - 2013-12-31 01:11 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 18:58 - 2013-12-27 19:23 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-18 18:22 - 2014-01-03 12:01 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-19 18:25 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:52 - 2013-12-19 18:24 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:49 - 2013-12-18 17:18 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-12 02:33 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 02:33 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 02:30 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 02:30 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 02:30 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 02:29 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 02:29 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 02:29 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 02:29 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 02:29 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 02:29 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 02:29 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 02:29 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 02:29 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 02:29 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 02:29 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 02:29 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 02:29 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:18 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 00:18 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:17 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:17 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 00:17 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 00:17 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:17 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 00:17 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 00:17 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:17 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 00:17 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 00:16 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 00:16 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:16 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-06 10:38 - 2014-01-03 13:48 - 00017445 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-06 10:37 - 2010-06-03 22:28 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B139B71D-C8AD-4276-91D7-AC94C1607EC2}
2014-01-06 10:36 - 2014-01-04 18:31 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-06 10:36 - 2014-01-03 13:42 - 00000000 ____D C:\FRST
2014-01-06 10:36 - 2014-01-03 13:41 - 01931762 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-06 10:30 - 2012-02-08 16:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-06 10:18 - 2014-01-06 10:18 - 00987410 _____ C:\Users\Flo\Desktop\SecurityCheck.exe
2014-01-06 10:11 - 2013-12-31 00:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 10:10 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 10:10 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 10:07 - 2010-03-19 18:04 - 01463073 _____ C:\Windows\WindowsUpdate.log
2014-01-06 10:05 - 2013-05-05 11:14 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Dropbox
2014-01-06 10:04 - 2013-05-05 11:19 - 00000000 ___RD C:\Users\Flo\Dropbox
2014-01-06 10:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 10:02 - 2009-07-14 05:51 - 00181855 _____ C:\Windows\setupact.log
2014-01-05 21:25 - 2014-01-05 21:25 - 02347384 _____ (ESET) C:\Users\Flo\Desktop\esetsmartinstaller_enu.exe
2014-01-05 21:25 - 2009-07-14 18:58 - 00701670 _____ C:\Windows\system32\perfh007.dat
2014-01-05 21:25 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2014-01-05 21:25 - 2009-07-14 06:13 - 01627016 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 14:20 - 2013-07-14 09:47 - 00000000 ____D C:\Users\Flo\Downloads\Neuer Ordner
2014-01-05 11:59 - 2014-01-05 10:35 - 00004694 _____ C:\Users\Flo\Desktop\Neues Textdokument.txt
2014-01-05 11:52 - 2014-01-04 11:15 - 00004954 _____ C:\Users\Flo\Desktop\Diagramm1.dia
2014-01-05 11:52 - 2014-01-04 11:15 - 00004901 _____ C:\Users\Flo\Desktop\Diagramm1.dia~
2014-01-04 20:33 - 2014-01-04 20:26 - 617155850 _____ C:\Users\Flo\Downloads\The Big Bang Theory - s07e12 - The Hesitation Ramification.mkv
2014-01-04 18:33 - 2014-01-03 14:03 - 00034961 _____ C:\Users\Flo\Desktop\Addition.txt
2014-01-04 18:31 - 2014-01-04 18:31 - 00002824 _____ C:\Users\Flo\Desktop\JRT.txt
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:13 - 2014-01-04 18:09 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:13 - 2010-03-19 18:07 - 00000000 ___RD C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 18:01 - 2010-03-25 18:59 - 00310286 _____ C:\Windows\PFRO.log
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2014-01-04 11:15 - 00000730 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-04 11:15 - 2010-03-19 18:07 - 00000000 ____D C:\Users\Flo
2014-01-04 01:51 - 2014-01-04 01:48 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:56 - 2014-01-04 00:32 - 00000000 ____D C:\Qoobox
2014-01-04 00:53 - 2014-01-04 00:32 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:52 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 13:06 - 2014-01-03 11:57 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 12:01 - 2013-12-18 18:22 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2014-01-03 11:55 - 2014-01-03 11:54 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-03 11:34 - 2013-06-01 13:44 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2014-01-02 12:23 - 2013-02-09 14:28 - 00000000 ____D C:\Users\Administrator
2014-01-02 12:23 - 2010-11-23 20:18 - 00000000 ____D C:\Users\postgres
2014-01-02 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-31 15:17 - 2013-03-22 17:50 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-31 01:11 - 2013-12-31 00:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 01:11 - 2012-06-12 20:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 01:11 - 2011-07-05 01:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 00:36 - 2010-03-26 20:37 - 00000000 ____D C:\Users\Flo\AppData\Local\Adobe
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:19 - 2010-03-20 20:31 - 00000000 ____D C:\Users\Flo\AppData\Local\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 00:17 - 2010-03-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 01:04 - 2012-11-24 23:10 - 00000283 _____ C:\Users\Flo\Documents\Serien.txt
2013-12-28 15:31 - 2013-10-27 10:27 - 00000000 ____D C:\Users\Flo\Downloads\90s Top 50
2013-12-28 14:50 - 2012-11-11 22:44 - 00000000 ____D C:\Users\Flo\Downloads\Randon Mukke
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 19:23 - 2013-12-27 18:58 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-19 18:25 - 2013-12-18 16:58 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-19 18:24 - 2013-12-18 16:52 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 19:37 - 2013-08-31 01:01 - 00000000 ____D C:\Users\Flo\AppData\Roaming\vlc
2013-12-18 18:16 - 2009-07-14 05:45 - 00495736 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 18:01 - 2010-03-19 18:11 - 00136200 _____ C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 17:21 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2013-12-18 17:18 - 2013-12-18 16:49 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:53 - 2010-03-20 21:12 - 00059022 _____ C:\Windows\DPINST.LOG
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-15 02:29 - 2010-03-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-15 02:28 - 2013-08-15 00:44 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:25 - 2010-03-21 11:21 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 19:06 - 2013-06-06 22:39 - 00000000 ____D C:\Users\Flo\Downloads\Oldschool Mukke
2013-12-12 18:06 - 2010-03-25 22:06 - 00000000 ____D C:\Users\Flo\Football
2013-12-12 17:18 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 20:20

==================== End Of Log ============================
         
--- --- ---


Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Flo at 2014-01-06 10:38:40
Running from C:\Users\Flo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 - Deutsch (x32 Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player (x32 Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) Hidden
AMD USB Filter Driver (x32 Version: 1.0.13.88 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.2 (x32 Version: 9.4.2 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
AVM FRITZ!Box Dokumentation (x32 Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (x32 Version:  - Treyarch)
Call of Duty: Black Ops (x32 Version:  - Treyarch)
Canon iP5200 (Version:  - )
CanoScan LiDE 90 (Version:  - )
CanoScan Toolbox Ver4.9 (x32 Version:  - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Counter-Strike: Global Offensive (x32 Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version:  - Microsoft)
Dia (nur entfernen) (x32 Version:  - )
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Eco Materials Adviser (x64) (Version: 1.32.0.0 - Granta Design Limited)
Freemake Video Converter Version 4.0.0 (x32 Version: 4.0.0 - Ellora Assets Corporation)
GIMP 2.6.10 (x32 Version: 2.6.10 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
HDR Darkroom Windows Version v4.0 (x32 Version: Windows Version v4.0 - HengTu, Inc.)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HL-2240D (x32 Version: 1.0.4.0 - Brother Industries, Ltd.)
HP Officejet 6100 Basic Device Software (Version: 25.0.617.0 - Hewlett-Packard Co.)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
Keil µVision4 (x32 Version:  - )
Madden NFL 08 (x32 Version:  - Electronic Arts)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MATLAB R2009b (Version: 7.9 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (x32 Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MKVToolNix 5.8.0 (x32 Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.00900 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OpenVPN 2.1.3 (x32 Version: 2.1.3 - )
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (x32 Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime (x32 Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (x32 Version: 3.4.5.0 - Rosetta Stone Ltd.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (Version: 16.0.16000.0000 - Autodesk)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Secure Download Manager (x32 Version: 3.1.30 - Kivuto Solutions Inc.)
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (x32 Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (x32 Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (x32 Version: 5.4.0502 - Siemens AG)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.2.9 (x32 Version: 3.2.9 - www.sopcast.com)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2012 (x32 Version: 17.08 - Wolters Kluwer Deutschland GmbH)
StreamTorrent 1.0 (x32 Version:  - )
TeamSpeak 3 Client (HKCU Version: 3.0.6 - TeamSpeak Systems GmbH)
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIPP10 Version 2.1.0 (x32 Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.0 (x32 Version: 1.1.0 - VideoLAN)
VMLite Workstation (Version: 3.2.6 - VMLite)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows Utils (x32 Version:  - )
WinRAR (Version:  - )
Wise Registry Cleaner 7.63 (x32 Version:  - WiseCleaner.com, Inc.)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)

==================== Restore Points  =========================

01-01-2014 16:46:32 Geplanter Prüfpunkt
03-01-2014 23:33:45 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-04 00:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {22D242C8-5075-4E9D-A49A-40DD9CB79369} - System32\Tasks\{945AE91C-FD85-4C43-9F6D-4A64241D7020} => C:\Spielewiese\Hi-Rez Studios\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe
Task: {245A4F72-84F2-4309-852B-2727A098E319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31] (Adobe Systems Incorporated)
Task: {51B1C918-4A81-45A1-BFAB-9501BFD38EB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5DD1A1FF-3B68-4752-A935-C924933E9152} - System32\Tasks\{91A2CC6C-EA2F-4FE1-93DF-1AE4FC58AB31} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {7B080D84-AB9B-4EE3-B5CD-DC1E37C71159} - System32\Tasks\{4B42A201-C678-40F1-9A20-6B2FEA2D280A} => C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe [2009-12-23] (Multidmedia Limited                 )
Task: {C427900B-A65C-4FA9-A2BB-E48F66864F7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CA9C8660-8FCE-4D9B-8CAD-BD6F48DBF2DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CDECEA2C-08A2-4B8E-AB5A-EAA9A27413CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-04-01 19:08 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 20:42 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Flo\AppData\Roaming\Dropbox\bin\libcef.dll
2013-06-05 14:22 - 2013-06-05 14:22 - 00766176 _____ () C:\Windows\SysWOW64\sn_regbase.dll
2013-12-31 00:30 - 2013-12-31 00:30 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2014 10:16:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:26:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:25:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:25:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2014 11:46:19 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x16ec
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3

Error: (01/05/2014 10:38:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0xf3c
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3

Error: (01/04/2014 08:11:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x7d4
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3


System errors:
=============
Error: (01/05/2014 10:19:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SIMATIC S7DOS Help Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (11/28/2010 07:22:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8614 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 04:58:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4094 seconds with 3900 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:49:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:48:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8649 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:24:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 137 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:21:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5022 seconds with 4680 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-04 00:50:40.117
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-04 00:50:39.805
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-02-26 10:12:58.195
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 09:51:06.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 00:33:28.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 23:58:09.302
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 19:02:58.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 16:34:41.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 14:19:58.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 00:12:20.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 4094.3 MB
Available physical RAM: 2094.72 MB
Total Pagefile: 8186.79 MB
Available Pagefile: 6008.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1376.16 GB) (Free:835.07 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.63 GB) NTFS
Drive j: (Elements) (Fixed) (Total:232.88 GB) (Free:195.46 GB) NTFS
Drive k: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:318.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: DF3FB8C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-721379393536) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2BB83C9B)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 0006C864)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
As I said, there haven't really been any problems so far, apart from the Bundespolizei page in the browser. But I just didn't know whether something was hidden somewhere. Has anything stood out so far regarding the Bundespolizei Trojan? Or as to why my safe mode no longer works?

In any case, thanks in advance.

07.01.2014, 09:39   #8
schrauber
/// the machine
/// TB-Ausbilder
 




Update Java and Adobe. We have removed quite a bit.

Please download TFC (by Oldtimer) and save the file to the desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.



Please download Windows Repair (All In One) from here.
  • Install the program. Start it once the installation has finished.
  • Click Step 2 and, under Check Disk, press Do It.

  • When the process has finished, click Step 3 and, under System File Check, press Do It.

  • After the process has finished, click Start Repairs, select Advanced Mode and press Start.

  • Please make sure the boxes are ticked as shown below. In addition, please tick Set Windows Services to Default Startup.
  • Tick Restart System when Finished.
  • Press Start.



Please post a fresh FRST log. Is Safe Mode still not working?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.01.2014, 00:19   #9
nacktmull123
 



So, I've updated Java and Adobe Reader and run Windows Repair.
Safe mode still doesn't work. The PC restarts every time just before it has finished booting into safe mode.

Should I maybe try repairing Windows Safe Mode with TFC under Repairs? That was also available as an option.

Here is the new FRST log:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Flo (administrator) on FLO-PC on 08-01-2014 00:06:30
Running from C:\Users\Flo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Dropbox, Inc.) C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Siemens AG) C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Windows\SysWOW64\pniopcac.exe
(Siemens AG) C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Preloader.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SiemensAutomationFileStorage] - C:\Program Files (x86)\Siemens\Automation\Portal V12\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe [942080 2013-07-11] (Siemens AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1409A5548FC7CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894
FF Homepage: hxxp://www.pandora.com/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*'))%20%7B%20return%20'PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\wf7o85ps.default-1388663910894\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-29] (Kaspersky Lab ZAO)
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-08] (Autodesk, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-08-20] ()
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [229520 2011-08-28] (soft Xpansion)
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2009-07-07] (Advanced Micro Devices Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259584 2013-04-10] (Siemens AG)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-21] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
U3 ans4zhta; C:\Windows\System32\Drivers\ans4zhta.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-08 00:06 - 2014-01-08 00:07 - 00017373 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-07 21:25 - 2014-01-07 23:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-01-07 21:21 - 2014-01-07 21:21 - 00000207 _____ C:\Windows\tweaking.com-regbackup-FLO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-01-07 21:20 - 2014-01-07 21:20 - 00000000 ____D C:\RegBackup
2014-01-07 20:50 - 2014-01-07 20:50 - 00003288 ____N C:\bootsqm.dat
2014-01-07 20:39 - 2014-01-07 20:39 - 00000000 ____D C:\Users\Flo\Desktop\Tweaking.com - Windows Repair
2014-01-07 20:12 - 2014-01-07 20:12 - 00448512 _____ (OldTimer Tools) C:\Users\Flo\Desktop\TFC.exe
2014-01-07 11:39 - 2014-01-07 11:41 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-07 11:38 - 2014-01-07 11:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-07 11:24 - 2014-01-07 11:24 - 00000000 ____D C:\ProgramData\Oracle
2014-01-07 11:22 - 2014-01-07 11:22 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-07 11:22 - 2014-01-07 11:22 - 00000000 ____D C:\Program Files\Java
2014-01-06 11:41 - 2014-01-06 11:41 - 00001740 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-06 10:18 - 2014-01-06 10:18 - 00987410 _____ C:\Users\Flo\Desktop\SecurityCheck.exe
2014-01-05 21:25 - 2014-01-05 21:25 - 02347384 _____ (ESET) C:\Users\Flo\Desktop\esetsmartinstaller_enu.exe
2014-01-04 18:31 - 2014-01-06 10:36 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:09 - 2014-01-04 18:13 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2014-01-06 12:12 - 00005083 _____ C:\Users\Flo\Desktop\Zustandsgraph.dia
2014-01-04 11:15 - 2014-01-06 11:41 - 00005004 _____ C:\Users\Flo\Desktop\Zustandsgraph.dia~
2014-01-04 11:15 - 2014-01-05 11:52 - 00004901 _____ C:\Users\Flo\Desktop\Diagramm1.dia~
2014-01-04 01:48 - 2014-01-04 01:51 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:33 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-04 00:33 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-04 00:33 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-04 00:33 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-04 00:32 - 2014-01-04 00:56 - 00000000 ____D C:\Qoobox
2014-01-04 00:32 - 2014-01-04 00:53 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 13:42 - 2014-01-06 10:36 - 00000000 ____D C:\FRST
2014-01-03 13:41 - 2014-01-06 10:36 - 01931762 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-03 11:57 - 2014-01-03 13:06 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 11:54 - 2014-01-03 11:55 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2013-12-31 00:30 - 2014-01-07 23:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-31 00:30 - 2013-12-31 01:11 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-27 18:58 - 2013-12-27 19:23 - 1322598905 _____ C:\Users\Flo\Downloads\rm12648_3000.mp4
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-18 18:22 - 2014-01-07 19:49 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-19 18:25 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:52 - 2013-12-19 18:24 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:49 - 2013-12-18 17:18 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-12 02:33 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 02:33 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 02:33 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 02:30 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 02:30 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 02:30 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 02:29 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 02:29 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 02:29 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 02:29 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 02:29 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 02:29 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 02:29 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 02:29 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 02:29 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 02:29 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 02:29 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 02:29 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 02:29 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 02:29 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 02:29 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 02:29 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 02:29 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:29 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 02:29 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 02:29 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 00:18 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 00:18 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:17 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:17 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 00:17 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 00:17 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:17 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 00:17 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 00:17 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:17 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 00:17 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 00:16 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 00:16 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:16 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:16 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:16 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-08 00:07 - 2014-01-08 00:06 - 00017373 _____ C:\Users\Flo\Desktop\FRST.txt
2014-01-08 00:07 - 2010-03-19 18:04 - 01701852 _____ C:\Windows\WindowsUpdate.log
2014-01-08 00:07 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-08 00:07 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-08 00:06 - 2009-07-14 18:58 - 00687808 _____ C:\Windows\system32\perfh007.dat
2014-01-08 00:06 - 2009-07-14 18:58 - 00146494 _____ C:\Windows\system32\perfc007.dat
2014-01-08 00:06 - 2009-07-14 06:13 - 01627016 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 00:05 - 2013-05-05 11:19 - 00000000 ___RD C:\Users\Flo\Dropbox
2014-01-08 00:05 - 2013-05-05 11:14 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Dropbox
2014-01-08 00:05 - 2012-02-08 16:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-08 00:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-08 00:01 - 2009-07-14 05:51 - 00182303 _____ C:\Windows\setupact.log
2014-01-07 23:57 - 2010-06-03 22:28 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B139B71D-C8AD-4276-91D7-AC94C1607EC2}
2014-01-07 23:54 - 2010-03-19 18:11 - 00136200 _____ C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-07 23:52 - 2010-03-25 18:59 - 00312784 _____ C:\Windows\PFRO.log
2014-01-07 23:52 - 2009-07-14 19:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-07 23:52 - 2009-07-14 05:45 - 00495736 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-07 23:50 - 2014-01-07 21:25 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-01-07 23:48 - 2009-07-14 03:34 - 00000454 _____ C:\Windows\win.ini
2014-01-07 23:11 - 2013-12-31 00:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-07 21:21 - 2014-01-07 21:21 - 00000207 _____ C:\Windows\tweaking.com-regbackup-FLO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-01-07 21:20 - 2014-01-07 21:20 - 00000000 ____D C:\RegBackup
2014-01-07 20:50 - 2014-01-07 20:50 - 00003288 ____N C:\bootsqm.dat
2014-01-07 20:39 - 2014-01-07 20:39 - 00000000 ____D C:\Users\Flo\Desktop\Tweaking.com - Windows Repair
2014-01-07 20:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-07 20:12 - 2014-01-07 20:12 - 00448512 _____ (OldTimer Tools) C:\Users\Flo\Desktop\TFC.exe
2014-01-07 19:49 - 2013-12-18 18:22 - 00000000 ____D C:\Users\Flo\Documents\Automatisierung
2014-01-07 11:43 - 2010-03-26 20:37 - 00000000 ____D C:\Users\Flo\AppData\Local\Adobe
2014-01-07 11:41 - 2014-01-07 11:39 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-07 11:41 - 2013-10-03 11:48 - 00000000 ____D C:\Users\Flo\AppData\Local\Google
2014-01-07 11:38 - 2014-01-07 11:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-07 11:38 - 2010-03-26 20:35 - 00000000 ____D C:\ProgramData\Adobe
2014-01-07 11:38 - 2010-03-26 20:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-07 11:24 - 2014-01-07 11:24 - 00000000 ____D C:\ProgramData\Oracle
2014-01-07 11:22 - 2014-01-07 11:22 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-07 11:22 - 2014-01-07 11:22 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-07 11:22 - 2014-01-07 11:22 - 00000000 ____D C:\Program Files\Java
2014-01-07 02:23 - 2013-06-01 13:44 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2014-01-06 12:12 - 2014-01-04 11:15 - 00005083 _____ C:\Users\Flo\Desktop\Zustandsgraph.dia
2014-01-06 11:41 - 2014-01-06 11:41 - 00001740 _____ C:\Users\Flo\AppData\Local\recently-used.xbel
2014-01-06 11:41 - 2014-01-04 11:15 - 00005004 _____ C:\Users\Flo\Desktop\Zustandsgraph.dia~
2014-01-06 10:36 - 2014-01-04 18:31 - 00000000 ____D C:\Users\Flo\Desktop\FRST-OlderVersion
2014-01-06 10:36 - 2014-01-03 13:42 - 00000000 ____D C:\FRST
2014-01-06 10:36 - 2014-01-03 13:41 - 01931762 _____ (Farbar) C:\Users\Flo\Desktop\FRST64.exe
2014-01-06 10:18 - 2014-01-06 10:18 - 00987410 _____ C:\Users\Flo\Desktop\SecurityCheck.exe
2014-01-05 21:25 - 2014-01-05 21:25 - 02347384 _____ (ESET) C:\Users\Flo\Desktop\esetsmartinstaller_enu.exe
2014-01-05 14:20 - 2013-07-14 09:47 - 00000000 ____D C:\Users\Flo\Downloads\Neuer Ordner
2014-01-05 11:52 - 2014-01-04 11:15 - 00004901 _____ C:\Users\Flo\Desktop\Diagramm1.dia~
2014-01-04 18:22 - 2014-01-04 18:22 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:20 - 2014-01-04 18:20 - 01036305 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-01-04 18:13 - 2014-01-04 18:09 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:13 - 2010-03-19 18:07 - 00000000 ___RD C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 18:06 - 2014-01-04 18:06 - 01233962 _____ C:\Users\Flo\Desktop\adwcleaner.exe
2014-01-04 17:44 - 2014-01-04 17:44 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 17:44 - 2014-01-04 17:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-04 17:43 - 2014-01-04 17:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Flo\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-04 11:15 - 2010-03-19 18:07 - 00000000 ____D C:\Users\Flo
2014-01-04 01:51 - 2014-01-04 01:48 - 00000000 ____D C:\Users\Flo\Downloads\Silvester '14
2014-01-04 01:44 - 2014-01-04 01:44 - 00000000 ____D C:\Windows\Sun
2014-01-04 00:56 - 2014-01-04 00:56 - 00025304 _____ C:\ComboFix.txt
2014-01-04 00:56 - 2014-01-04 00:32 - 00000000 ____D C:\Qoobox
2014-01-04 00:53 - 2014-01-04 00:32 - 00000000 ____D C:\Windows\erdnt
2014-01-04 00:52 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-04 00:31 - 2014-01-04 00:31 - 05160669 ____R (Swearware) C:\Users\Flo\Desktop\ComboFix.exe
2014-01-03 13:06 - 2014-01-03 11:57 - 00000000 ____D C:\Users\Flo\.dia
2014-01-03 11:55 - 2014-01-03 11:54 - 00000000 ____D C:\Program Files (x86)\Dia
2014-01-02 12:58 - 2014-01-02 12:58 - 00000000 ____D C:\Users\Flo\Desktop\Alte Firefox-Daten
2014-01-02 12:42 - 2014-01-02 12:42 - 00198597 _____ C:\Users\Flo\Downloads\lesezeichen.adr
2014-01-02 12:23 - 2013-02-09 14:28 - 00000000 ____D C:\Users\Administrator
2014-01-02 12:23 - 2010-11-23 20:18 - 00000000 ____D C:\Users\postgres
2014-01-02 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-31 15:17 - 2013-03-22 17:50 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-31 01:11 - 2013-12-31 00:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 01:11 - 2012-06-12 20:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 01:11 - 2011-07-05 01:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 00:30 - 2013-12-31 00:30 - 00000000 ____D C:\ProgramData\McAfee
2013-12-31 00:19 - 2010-03-20 20:31 - 00000000 ____D C:\Users\Flo\AppData\Local\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 00:18 - 2013-12-31 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 00:17 - 2010-03-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 01:04 - 2012-11-24 23:10 - 00000283 _____ C:\Users\Flo\Documents\Serien.txt
2013-12-28 14:50 - 2012-11-11 22:44 - 00000000 ____D C:\Users\Flo\Downloads\Randon Mukke
2013-12-28 14:39 - 2013-12-28 14:39 - 00000000 ____D C:\Users\Flo\Downloads\Aligahto
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\system32\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\Windows\0PRQforpWsttis
2013-12-19 18:30 - 2013-12-19 18:30 - 00000000 ____D C:\AX NF ZZ
2013-12-19 18:25 - 2013-12-18 16:58 - 00000000 ____D C:\Program Files (x86)\Siemens
2013-12-19 18:24 - 2013-12-18 16:52 - 00000000 ____D C:\Users\Public\Documents\Siemens
2013-12-18 19:37 - 2013-08-31 01:01 - 00000000 ____D C:\Users\Flo\AppData\Roaming\vlc
2013-12-18 18:07 - 2013-12-18 18:07 - 00000000 ____D C:\Users\Flo\AppData\Roaming\Siemens
2013-12-18 17:21 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2013-12-18 17:18 - 2013-12-18 16:49 - 00000000 ____D C:\Program Files\Common Files\Siemens
2013-12-18 17:17 - 2013-12-18 17:17 - 00002514 _____ C:\Users\Public\Desktop\Automation License Manager.lnk
2013-12-18 16:58 - 2013-12-18 16:58 - 00002469 _____ C:\Users\Public\Desktop\TIA Portal V12.lnk
2013-12-18 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_vsnl2ada_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7ousbu64x_01007.Wdf
2013-12-18 16:55 - 2013-12-18 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dpmconv_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otsadx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7otranx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osobux64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7osmcax64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oserix64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7oppinx64_01007.Wdf
2013-12-18 16:54 - 2013-12-18 16:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_s7odpx2x64_01007.Wdf
2013-12-18 16:53 - 2010-03-20 21:12 - 00059022 _____ C:\Windows\DPINST.LOG
2013-12-18 16:52 - 2013-12-18 16:52 - 00000000 _____ C:\Windows\system32\sntieno.log
2013-12-18 16:48 - 2013-12-18 16:48 - 00000000 ____D C:\Program Files (x86)\MSSOAP
2013-12-18 16:45 - 2013-12-18 16:45 - 00000000 ____D C:\ProgramData\Siemens
2013-12-15 02:29 - 2010-03-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-15 02:28 - 2013-08-15 00:44 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:25 - 2010-03-21 11:21 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 19:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 19:06 - 2013-06-06 22:39 - 00000000 ____D C:\Users\Flo\Downloads\Oldschool Mukke
2013-12-12 18:06 - 2010-03-25 22:06 - 00000000 ____D C:\Users\Flo\Football
2013-12-12 17:18 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 20:20

==================== End Of Log ============================
         
--- --- ---


and Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Flo at 2014-01-08 00:08:19
Running from C:\Users\Flo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Shockwave Player (x32 Version: 10.2.0.22 - Adobe Systems, Inc.)
AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) Hidden
AMD USB Filter Driver (x32 Version: 1.0.13.88 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.2 (x32 Version: 9.4.2 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk)
AVM FRITZ!Box Dokumentation (x32 Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (x32 Version:  - Treyarch)
Call of Duty: Black Ops (x32 Version:  - Treyarch)
Canon iP5200 (Version:  - )
CanoScan LiDE 90 (Version:  - )
CanoScan Toolbox Ver4.9 (x32 Version:  - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Counter-Strike: Global Offensive (x32 Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version:  - Microsoft)
Dia (nur entfernen) (x32 Version:  - )
DivX-Setup (x32 Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Eco Materials Adviser (x64) (Version: 1.32.0.0 - Granta Design Limited)
Freemake Video Converter Version 4.0.0 (x32 Version: 4.0.0 - Ellora Assets Corporation)
GIMP 2.6.10 (x32 Version: 2.6.10 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
HDR Darkroom Windows Version v4.0 (x32 Version: Windows Version v4.0 - HengTu, Inc.)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HL-2240D (x32 Version: 1.0.4.0 - Brother Industries, Ltd.)
HP Officejet 6100 Basic Device Software (Version: 25.0.617.0 - Hewlett-Packard Co.)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
Keil µVision4 (x32 Version:  - )
Madden NFL 08 (x32 Version:  - Electronic Arts)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MATLAB R2009b (Version: 7.9 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (x32 Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MKVToolNix 5.8.0 (x32 Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.00900 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OpenVPN 2.1.3 (x32 Version: 2.1.3 - )
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (x32 Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime (x32 Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Rosetta Stone Version 3 (x32 Version: 3.4.5.0 - Rosetta Stone Ltd.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (Version: 16.0.16000.0000 - Autodesk)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Secure Download Manager (x32 Version: 3.1.30 - Kivuto Solutions Inc.)
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (x32 Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (x32 Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (x32 Version: 5.4.0502 - Siemens AG)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.2.9 (x32 Version: 3.2.9 - www.sopcast.com)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2012 (x32 Version: 17.08 - Wolters Kluwer Deutschland GmbH)
StreamTorrent 1.0 (x32 Version:  - )
TeamSpeak 3 Client (HKCU Version: 3.0.6 - TeamSpeak Systems GmbH)
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIPP10 Version 2.1.0 (x32 Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.0 (x32 Version: 1.1.0 - VideoLAN)
VMLite Workstation (Version: 3.2.6 - VMLite)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows Utils (x32 Version:  - )
WinRAR (Version:  - )
Wise Registry Cleaner 7.63 (x32 Version:  - WiseCleaner.com, Inc.)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)

==================== Restore Points  =========================

03-01-2014 23:33:45 ComboFix created restore point
07-01-2014 10:17:25 Removed Java(TM) 6 Update 20
07-01-2014 10:22:00 Installed Java 7 Update 45 (64-bit)
07-01-2014 10:33:50 Removed Adobe Reader 9.5.5 - Deutsch.
07-01-2014 20:19:21 Tweaking.com - Windows Repair

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-04 00:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {22D242C8-5075-4E9D-A49A-40DD9CB79369} - System32\Tasks\{945AE91C-FD85-4C43-9F6D-4A64241D7020} => C:\Spielewiese\Hi-Rez Studios\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe
Task: {245A4F72-84F2-4309-852B-2727A098E319} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31] (Adobe Systems Incorporated)
Task: {51B1C918-4A81-45A1-BFAB-9501BFD38EB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {5DD1A1FF-3B68-4752-A935-C924933E9152} - System32\Tasks\{91A2CC6C-EA2F-4FE1-93DF-1AE4FC58AB31} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {7B080D84-AB9B-4EE3-B5CD-DC1E37C71159} - System32\Tasks\{4B42A201-C678-40F1-9A20-6B2FEA2D280A} => C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe [2009-12-23] (Multidmedia Limited                 )
Task: {C427900B-A65C-4FA9-A2BB-E48F66864F7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CA9C8660-8FCE-4D9B-8CAD-BD6F48DBF2DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CDECEA2C-08A2-4B8E-AB5A-EAA9A27413CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-04-01 19:08 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 20:42 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Flo\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-06-05 14:22 - 2013-06-05 14:22 - 00766176 _____ () C:\Windows\SysWOW64\sn_regbase.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: VMLite Host-Only Ethernet Adapter
Description: VMLite Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMLite Inc.
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2014 10:16:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:26:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:25:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 09:25:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9859

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9859

Error: (01/05/2014 02:37:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2014 11:46:19 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x16ec
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3

Error: (01/05/2014 10:38:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0xf3c
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3

Error: (01/04/2014 08:11:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: dia-win-remote.exe, Version: 0.0.0.0, Zeitstempel: 0x4ef37a66
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x7d4
Startzeit der fehlerhaften Anwendung: 0xdia-win-remote.exe0
Pfad der fehlerhaften Anwendung: dia-win-remote.exe1
Pfad des fehlerhaften Moduls: dia-win-remote.exe2
Berichtskennung: dia-win-remote.exe3


System errors:
=============
Error: (01/08/2014 00:03:03 AM) (Source: WMPNetworkSvc) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80070420" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (01/08/2014 00:01:40 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎08.‎01.‎2014 um 00:00:21 unerwartet heruntergefahren.

Error: (01/07/2014 11:53:21 PM) (Source: WMPNetworkSvc) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (01/07/2014 08:15:01 PM) (Source: Service Control Manager) (User: )
Description: Dienst "AAV UpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2014 08:10:33 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR5 gefunden.

Error: (01/07/2014 08:10:31 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR5 gefunden.

Error: (01/07/2014 06:47:21 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎07.‎01.‎2014 um 11:50:00 unerwartet heruntergefahren.

Error: (01/07/2014 10:32:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" wurde nicht richtig gestartet.

Error: (01/07/2014 10:31:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMLiteService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/07/2014 10:31:03 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst VMLiteService erreicht.


Microsoft Office Sessions:
=========================
Error: (11/28/2010 07:22:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8614 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 04:58:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4094 seconds with 3900 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:49:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 03:48:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8649 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:24:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 137 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/28/2010 01:21:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5022 seconds with 4680 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-04 00:50:40.117
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-04 00:50:39.805
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-02-26 10:12:58.195
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 09:51:06.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-26 00:33:28.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 23:58:09.302
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 19:02:58.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 16:34:41.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 14:19:58.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-02-25 00:12:20.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_65\midas64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 4094.3 MB
Available physical RAM: 2323.58 MB
Total Pagefile: 8186.79 MB
Available Pagefile: 6293.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1376.16 GB) (Free:835.77 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.63 GB) NTFS
Drive j: (TRANSCEND) (Removable) (Total:7.53 GB) (Free:4.29 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: DF3FB8C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-721379393536) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=8 GB) - (Type=0B)

==================== End Of Log ============================
         

08.01.2014, 12:22   #10
schrauber
/// the machine
/// TB-Ausbilder



Quote:
Should I maybe use TFC to repair the Windows Safe Mode under Repairs? That was also available as an option.
Try it
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.01.2014, 18:30   #11
nacktmull123



Safe Mode still isn't working

09.01.2014, 12:19   #12
schrauber
/// the machine
/// TB-Ausbilder



Put the Windows disc in and repair, i.e. do an in-place upgrade.
__________________
Regards,
schrauber

09.01.2014, 19:42   #13
nacktmull123



I'll give that a try.

Otherwise, is everything you noticed gone?

10.01.2014, 10:58   #14
schrauber
/// the machine
/// TB-Ausbilder



Yes, but afterwards please post another FRST log anyway; I'll take another look.
__________________
Regards,
schrauber
